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Welcome to the last AUUGN for the Year 2000, and 
the first one with me (Con Zymaris) as editor. 

I’ve accepted the stewardship of this long-running 
Journal from Gunther Feuerelsen, who has heen edi¬ 
tor of AUUGN for over four years. Please join me In 
thanking Gunther for all his efforts. My putting to¬ 
gether even one of these Issues has definitely enlight¬ 
ened me as to the work-level required, highlighting 
Gunther’s dedication even more. 
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Now, onto what we have planned for you In this, and 
In future Issues. 

We’ve drawn upon various technical Information 
sources for content that we think will he of heneflt to 
Unix and open systems developers, systems adminis¬ 
trators, managers and related professionals. 

We mix hlg-vendor Unix platforms, as well as Open 
Source OSes and tools. 

And finally, we hope we do what all good user-group 
puhllcatlons are meant to do, let you know what Is 
happening with AUUG, your user group. 
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If we’ve heen edifying, entertaining and enlightening 
In any way, tough, that was Intentional :-) If we’ve 
missed the mark hy way of content or style, then It’s 
In your hands to help rectify this; Let us know. 


Cheers, 


Con 

Thanks to our Sponsors: 
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AUUGN Editorial Committee 


Contribution Dead¬ 
lines for AUUGN in 
2001 _ 

Volume 22 • Number 1 - March 2001: February 

17 ^*^, 2001 

Volume 22 • Number 2 - June 2001: May 17^^, 2001 

Volume 22 • Number 3 - September 2001: August 

17th, 2001 

Volume 22 • Number 4 - December 2001: November 
17 ^*^, 2001 


The AUUGN Editorial Committee can be reached by sending email to: 
auugn @ auug.org .au 

Or to the following address: 

AUUGN Editor 
PO Box 366 
Kensington NSW 2033 

Editor: 

Con Zymaris 

Sub-Editors: 

Mark Neely 
Jerry Vochteloo 

Public Relations and Marketing: 

Elizabeth Carroll 

AUUGN Submission Guidelines 


Submission guidelines for AUUGN contributions can be obtained from the AUUG 
World Wide Web site at: 

www.auug.org.au 

Alternately, send email to the above correspondence address, requesting a copy. 
AUUGN Back Issues 


A variety of back issues of AUUGN are still available. For price and availability 
please contact the AUUG Secretariat, or write to: 

AUUG Inc. 

Back Issues Department 
PO Box 366 
Kensington NSW 2033 

Conference Proceedings 


A limited number of copies of the Conference Proceedings from previous AUUG 
Conferences are still available. Contact the AUUG Secretariat for details. 

Mailing Lists 


Enquiries regarding the purchase of the AUUGN mailing list should be directed to 
the AUUG Secretariat. 

Disclaimer 


Opinions expressed by the authors and reviewers are not necessarily those of AUUG 
Inc., its Journal, or its editorial committee. 

Copyright Information 


Copyright © 2000 AUUG Inc. 

All rights reserved. 

AUUGN is the journal of AUUG Inc., an organisation with the aim of promoting 
knowledge and understanding of Open Systems, including, but not restricted to, the 
UNIX® operating system, user interfaces, graphics, networking, programming and 
development environments and related standards. 

Copyright without fee is permitted, provided that copies are made without modifica¬ 
tion, and are not made or distributed for commercial advantage. 
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President’s Column 

David Purdue 

David.Purdue @ auug.org.au 


connect v. (often + to, with) join; be 
joined; assoeiate mentally or praetieally; 
(+ with) (of train ete.) arrive in time for 
passengers to transfer to another; put 
into eommunieation with by telephone; 
(usu. in passive; +with) assoeiate with 
(others) in relationships ete.; colloq. hit 
or strike effeetively. 

- The Australian Little 0 :>^ord Dictionary 


I am a very well connected person. You can reach me 
at almost any time, day or night, from pretty much 
an 3 rwhere In the world. I have a mobile phone, hut I 
am also mostly near one land line or another. I don’t 
have a pager, hut my phone has a memo service and 
SMS. I have about a dozen email addresses. I even 
have a camera set up on my desk for rudimentary 
video conferencing. 

Which begs the question - why am 1 spending so 
mueh time on aeroplanes? 

It seems that we as humans have a need to eon- 
neet physieally with other people. There are so 
many forms of eommunieation over a distanee 
these days, but there seems to be many ele¬ 
ments of human eommunieation that are not 
eaptured by these eommunieations. Serious ne¬ 
gotiations are still earried out faee-to-faee. 

A similar observation applies to gathering 
new knowledge. We have at our disposal books, 
web sites, videos, eomputer aided instruetion, 
but still the most effeetive way to learn some¬ 
thing is to have someone explain it to you. This 
is refleeted by the deeision of some aeademies at 


a major Australian university not to plaee learn¬ 
ing materials or reeordings of the leetures for 
their eourses on the web. They found that stu¬ 
dents were using this as an exeuse not to attend 
leetures, and thus were not learning as ef¬ 
feetively. 

This is partly what is driving the AUUG Man¬ 
agement Committee to organise more events 
where people will eome and explain things to 
you. 

During November AUUG organised the Seeu- 
rity Symposium and the Australian Open Souree 
S3miposium. Both these events are in their see- 
ond year, and were both very sueeessful, if not 
as well attended as we would like. 

We think that the one day S3miposium is a 
good way for AUUG to deliver value baek to our 
members, and we will be inereasing the number 
of symposia we run so that we ean eover more 
topies and present events in more loeations. We 
would be keen to hear from you if you have an 
idea for a S3miposium topie, and espeeially if you 
would like to speak at or help organise one. 

To ensure you hear about AUUG organised 
events, subseribe to auug-announee. To ensure 
that AUUG has your eorreet email address and 
that you are on the list, please send an email to 
Liz Carroll at <busmgr@auug.org.au>. 
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Tellurian Pty Ltd 

Come to us if you need seriously oopoble people to help with your oom- 

puter systems. We're very good at what we do. 

• Unix, Moointosh and Windows experts 

• Legooy system re-engineering and integration 

• System management and support 

• Internet oooess 

Our two ourrent major projeots: 

• Support and development of on integrated environment oovering op- 
pliootions running on IBM3090, DEC Alpha, SCO Unix and Nortel switohes. 
Just imagine the oost benefits of supporting over 500 oonourrent users on 
four little 486 and Pentium PCs. 

• From the ground-up implementation of MFC and Windows API on Apple 
Moointosh. We've got our olient's Windows MFC oppliootion running, 
bug-for-bug, on Apple Moointosh. 

Tellurian Pty Ltd (08) 8408 9600 

272 Prospeot Rood www.tellurian.oom.au 

Prospeot SA 5082 sales@tellurian.oom.au 



Consulting, Training 
and Development 


Web: www.cyber.com.au Phone: +67 3 9642 5997 

Mail: info@cyber.com.au Fax: +61 3 9642 5998 


Cybersource is a professional services consultancy 
specializing in the areas of Unix, Linux, and 
Windows. We provide network consulting, staff 
training, and application development services and 
have over 10 years experience in the industry. 


So if your organization has a need for systems and 
network administration, security and auditing, or 
web based application development, you know 
who to call. 
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Public Notices 


Clunies Ross National Science & Technology 
Award 2001 

Date: 28 March 2001 

Extent: Clunies Ross National Science & Technology 
Award 2001 

Award recipients will he publicly honoured at a for¬ 
mal ceremony and dinner to he held at Hotel Sofltel, 
Melhourne on Wednesday 28 March 
2001 . 

This annual Award has now honoured 52 special 
Australians who have made an outstanding contrl- 
hutlon to the application of science and technology 
for the economic, social or environmental heneflt of 
Australia. 

Contact Details: Mary Bolger on (03) 9854 6266 
(Email: lcr@crnet.com.au) or visit our weh site at 
http: //www.clunlesross.org.au 


Upcoming Conferences 

Decemher 3 - Decemher 5, 2000. 

Wireless DevCon 2000 

San Jose Douhletree Hotel, San Jose, CA. 

Decemher 3 - Decemher 8, 2000. 

LISA 2000 

New Orleans, LA. 

January 30 - Fehruary 2, 2001. 

LinuxWorld Conference & Expo 

New York, NY 

March 5 - March 8, 2001 

The Ninth International Python Conference 

Long Beach, California 


AUUGN Vol.21 • No. 4 


- 5 - 


Decemher 2000 



My Home Network 
(November 2000) _ 

Author: Frank Crawford 
<frank@crawford.emu.id.au> 

Its time for another AUUGN, but this time there are 
a number of differences. Firstly, we have a new edi¬ 
tor for AUUGN, Con Z 3 rmarls, and I’d like to wel¬ 
come him to this demanding job. Con, have fun 
with It. I’d also like to thank our previous editor, 
Gunther Feuerelsen, for his efforts over the years, 
well done. However, changes in AUUGN are not the 
only thing I want to mention, I have changed jobs, 
moving from ANSTO, to a new company, ac3. Still 
doing the same type of work, managing systems, 
but at an organisation dedicated to high perfor¬ 
mance computing. 

One reason I mention the change in jobs is that 
many of the items within my home network have 
been reimplemented at ac3 as I’ve helped to build 
up an entire computer infrastructure from scratch. 
Again, this shows that the requirements for an or¬ 
ganisations network and a home network are not 
really that different. 

One of the other similarities between such systems 
is how it is managed, in particular you need to fol¬ 
low the three rules of system administration: "auto¬ 
mate, automate, automate". A big area for this 
Is keeping software up-to-date. In particular down¬ 
loading updates for later (or Immediate) Installation. 

Despite the prevalence of the web and the assump¬ 
tion that It can be used for everything, most Instal¬ 
lation programs, particularly for GUI based sys¬ 
tems, assume that a user Is available to launch the 
process. As well, updates are getting bigger and 
bigger, and more and more frequent. All of which 
means that you need either a lot of time to sit at 
your computer or need a way to make the whole 
process non-lnteractlve, l.e. automate It. 

The first step In this Is to realise that while down¬ 
loads are getting bigger, the protocol used for It Is 
amongst the oldest available on the Internet, FTP. 
This has been supplemented by HTTP download ca¬ 
pabilities, but In most cases you can access the 
files via either method. 

Given a server running continuously, with sufficient 
disk space. It Is simple to set up an FTP mirror. 
While there are a few programs around to do It, the 
one I use Is called ‘mirror’. It Is written entirely In 
Perl and Is simple to Install and use. By Itself It 
downloads files recursively from a source directory, 
but Include a script to run multiple downloads from 
different sites at once. 

Aside from just downloading files. It deletes files 
that have been removed, creates new directories, 
excludes files matching certain patterns and ulti¬ 
mately sends out mall when updates occur. In fact 
the comments In the documentation says: 


Mirror Is a package written In Perl that uses the 
FTP protocol to duplicate a directory hierarchy be¬ 
tween the machine It Is run on and a remote host. 
It avoids cop 5 dng files unnecessarily by comparing 
the file time-stamps and file sizes before transfer¬ 
ring. Amongst other things. It can optionally re¬ 
name, compress, gzlp, and split files. 

Mirror was written by Lee McLoughlln 
<lmjm@lcparc.lc.ac.uk> for use by archive maln- 
talners but can be used by anyone wanting to 
transfer a lot of files via FTP. Although originally 
only available on Un*x with version 2.9 mirror will 
also run on Wlnd’*ws 95 and Wlnd’*ws NT. 

The latest version of mirror can always be found at 
either: 

ftp: / / sunslte.org.uk/packages/mlrror/mlrror.tar.gz 
ftp: / / sunslte.org.uk/packages/mlrror/mlrror.zlp 

It Is also distributed as part of the Red Hat Power- 
tools, with version 2.9 on the RedHat 6.2 Power- 
tools. 

‘Mirror’ Is basically controlled by two files, a global 
configuration file, and then Individual ones for each 
package. The global file Is usually 
‘/etc/mirror.defaults’, and generally contains op¬ 
tions that relate to all downloads. What I have In 
mine Is: 

# This is the default mirror settings used by 
my site: 

# Crawford.emu.id.au 

# 

# Frank Crawford <frank@crawford.emu.id.au> 

# You should be able to use this at other 
sites. You should only have 

# to change bits that reference my site. 

package=defaults 

# The LOCAL hostname - if not the same 
as 'hostname' 

# (I advertise the name 
crawford.emu.id.au but the machine is 

# really bits.crawford.emu.id.au.) 
hostname=crawford.emu.id.au 

# Keep all local_dirs relative to here 
local_dir=/home/mirror/pub/ 

# The local_dir must exist FIRST 
#local_dir_check=true 

remote_password=root@Crawford.emu.id.au 
mail_to=root@Crawford.emu.id.au 

# Don't mirror file modes. Set all 
dirs/files to these 

dir_mode=0 7 5 5 
file_mode=04 4 4 

# By defaults files are owned by 
root.zero 

user=0 

group=0 

# # Keep a log file in each updated di¬ 
rectory 

# update_log=.mirror 
update_log= 

# Don't overwrite my mirror log with the 
remote one. 

# Don't pull back any of their mirror 
temporary files. 

# nor any FSP or gopher files... 

exclude_patt= | / ) ( \ .mirror$ | \ .mirror \ .logi cor- 
e$I\.cap I\.in\..*\.$|MIRROR\.LOG|#.*#|\.FSP|\.- 
cache|\.zippedi\.notar|\.message|lost\+found/|- 
Network Trash Folder)|suky.mpe?g 

# Do not to compress anything 
compress_patt= 
compress_prog=gzip 

# Don't compress information files, 
files that don't benifit from 
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# being compressed, files that tell 
ftpd, gopher, wais... to do things, 

# the sources for compression pro¬ 
grams . . . 

# (Note this is the only regexp that is 
case insensitive.) 

# z matches compress/pack/gzip, gz for 
gzip. (built into perl) 

# taz/tgz is compressed or gzipped tar 

files 

# arc, arj, Izh, zip and zoo are pc 
and/or amiga archives. 

# sea are mac archives. 

# vms used -z instead of .z. stupid 

vms . 

# shk is multimedia? used on appleis. 

# rpm and deb are package formats used 
on RedHat and Debian Linux 

compress_excl+I - 

z(\d+)?$I\.tgz|_tgz|\.tar\.Z|\.tar\.gz|\.taz$ | - 
\.arc$|\.zip$|\.lzh$|\.zoo$|\.exe$|\.lha$|\.zo- 
m$I\.gif$ I\.jpeg$I\.jpg$I\.mpeg$I\.au$I\.shk$|- 
rpm$Ideb$I read.*meI index|info IfaqIgzip|compres- 
s| (''|/)\.\.?$ 

# Don't delete own mirror log, .notar or 
.cache files (incl in subdirs) 

# 

delete_excl= ('' I /) \ . (mirror | notar | cache) $ 

# Ignore any local readme and .mirror 

files 

local_ignore=README . doc . ic I ('' I /) \ . (mirror | nota- 
r) $ 

# Automatically delete local copies of 
files that the 

# remote site has zapped 
do_deletes=true 
max_delete_files=50% 
max_delete_dirs=50% 
timeout=300 

#failed_gets_excl=\:\ Permission de¬ 
nied! . $ 

A couple of Important bits, most lines are of the 
form "<ke 5 ?word>=<value>" to set a value or else 
"<ke 5 tword>+<value>" to append additional Items to 
an existing Item. Values either consist of a simple 
entry or a regular expression used for various pat¬ 
tern matching. 

To mirror a site you will need to set up a configura¬ 
tion for the download. The format of this file Is simi¬ 
lar to the default configuration file, but with Item 
specific to that host. For example, my file to down¬ 
load Red Hat and Kernel updates Is called 
"ftp.aamet.edu.au" and contains: 


package=redhat-updates-6.2 

comment=RedHat 6.2 Updates 
site=ftp.aarnet.edu.au 

# where to start pulling files back from 
remote_dir=/pub/redhat/updates/6.2 

# where to put the files on your machine 
local_dir+RedHat/updates/6.2 

# exclude some items 

exclude_patt+I spare I mips I alpha ISRPMS 

package=linux-kernel-2.2 

comment=Linux 2.2 Kernel 
site=ftp.aarnet.edu.au 

# where to start pulling files back from 
remote_dir=/pub/linux/kernel/v2.2 

# where to put the files on your machine 
local_dir+Kernel-2.2 

# exclude some items 

exclude_patt+|2\.2\. [0-9]\. |2\.2\.1[0- 

3]\. 


This will mirror all the RedHat 6.2 update directory, 
and all kernel updates after 2.2.14. 

Once these files are setup, you can mirror the sys¬ 
tem by miming ‘mlrror.pl ftp.aamet.edu.au’, or just 
to test what It will do, mn ‘mlrror.pl -n 
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ftp.aamet.edu.au’. This will perform two separate 
downloads, one after the other, mailing output to 
the address given by "mlrror to" keyword. 

To run just this mirror regularly, all you need to do 
Is add a line to cron of the form: 

05 23 * * * root /usr/bin/mirror.pi 
/home/mirror/packages/ftp.aarnet.edu.au 

and then pick up the updated files In the directory 
specified by "local_dlr", which Is constructed from 
"/home/mlrror/pub" In ‘/etc/mlrror.defaults’ and 
either "RedHat/updates/6.2" or "Kernel-2.2" de¬ 
pending on which package Is running. 

One point Is that It Is better to run any mirror as a 
separate cron job, as It may often take a long time 
(which Is why you are mnnlng It this way after all). 
Of course, you may want to run a number In paral¬ 
lel, but rather than mnnlng It multiple times, the 
package also supplies another Perl script which will 
attempt to do some simple load balancing. 

This script Is called ‘mm.pi’ (for "mirror-master") 
and takes a configuration file (called ‘mmln’) of the 
form: 


# How many mirrors to run at the same time. 

# Over a 56K modem - what do you expect? 
max=4 

home=/home/mirror 

cmdin=/usr/bin/pkgs_to_mmin.pi packages/* 


which mns up to four jobs at once, one for each of 
the separate files listed In the ‘packages’ directory. 
This Is then controlled by a line In your crontab of 
the form: 

05 23 * * * root /usr/bin/mm.pl 
/home/mirror/mmin 

There are a couple of little gotcha’s I’ve found here. 
The biggest Is that the default mirror command In¬ 
voked by ‘mm.pl’ Is ‘./mirror’, l.e. It Is expected to 
be In "home" directory. This can be changed by a 
command In the ‘mmln’ file, but 1 found It simpler 
to put In a symbolic link to the real mirror program 
(due to all the extra arguments 1 had to add to the 
‘mirror’ command). 

A second point to note Is that ‘mm. pi’ refuses to try 
a package again. If It has been run recently, usually 
within the last 12 hours. This Is controlled by the 
file ‘mm.status’ generated by ‘mm.pl’. 

Finally, while ‘mlrror.pl’ deletes files. It refuses to 
delete them If It Is more than 50% of the files In a 
directory. This Is controlled by the 
"max_delete_flles" and "max_delete_dlrs" variables 
In ‘/etc/mlrror.defaults’ file. 

Of course, these days you also need to handle web 
sites that don’t know anything about FTP. There 
are two different packages that can help you here, 
‘wget’ or ‘curl’. I’m not going to go Into them here, 
rather I’ll leave It to you, the reader as an exercise. 
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Please let me know what you discover, and I’ll In¬ 
clude It In my next column. 

On that note I’ll leave off, hut please feel free to 
drop me a note about what you are doing. 1 am 
wondering If anyone finds any use In this column, 
or even has anything of their own to offer. Let me 
know. 
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Systems Engineer 

Biotechnology Company - Salary Neg. 

Expanding Biotechnology company based at Sydney suburb of Nth Ryde requires 
an experienced administrator to lead their small systems administration and sup¬ 
port team. Both hands on and Supervisory experience necessary as you will en¬ 
sure that c50 user network is adequately supported. You will also design and 
implement solutions for different user groups. Consequently good verbal and writ¬ 
ten communication skills are necessary. Your technical experience should com¬ 
prise the following: 

*systems admin, experience with NT, NT servers, Unix and Linux. 

*knowledgable re. high-end / enterprise hardware systems 

*managing & building TCP /IP networks. Firewalls, DMZ, Apache web servers, 
network topology, sub-networking and virtual hosting. 

*networking protocols such as LDAP, NlS-h, etc. 

*Samba & NT networking 

*NFS, NIS and communications between various forms of Unices. 

*DNS servers & internet domains 
*mail routing under Linux 

*setup & management of dialin servers & communications via Frame-relay, ISDN 
& ADSL. 

If you are interested in establishing a Managerial career with a company commit¬ 
ted to maintaining it‘s cutting edge IT environment, please E-mail your CV to An¬ 
gela Kerley or Mike Steele at: 

topjobs@carterandstone.com.au or Ph (02) 9955 5477 


cs 

CARTER 

A.r^i 3 

STC >NIF 


3 


For more information piease contact Angeia Keriey or Mike Steeie on 
Ph: (02) 9955 5477 &#149; Fax: (02) 9955 5898 
Emaii: Piease ciick the "Appiy Now” button beiow 
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anything to declare? 

You decide who to let into your network. 

But do you know what they're carrying ? 



Controlling viruses on ttie deslrtop is not enough anymore. No*v you need to »*ofry about 
malicious code, email attachment bonts, spoimers did URLs thot ere productivity sirte end 
even potential liability threats to yexr cofiptny. 

That's why Trend Micro provides InterScan, a VirusWall thot inspects end filters inbotnd and 
outtxxnd SMTP, HTTP and FTP traffic at the firewall and email server. 

Partners such os Check Point Conpoc; Hewlett-Packard Lotus, Lucent Technologies and Sir 
Microsystems hove oil chose Trend Micro to be o port of their seority solution offerings. 
For fvrther informotion call (OZ) 8876 5678 or email salesetrendTiicracom.au 


fljiTREND. 

MICRO 

_ your Internet VirusWair 

6 'mTnnlMcra He ’•! - t amva- ii t*. ^ tf Mr .. . 
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TIRED OF PAYING TOP DOLLAR FOR 
HOST CONNECTIVITY? 

Need to get your licensing in order? 


A complete professional connectivity suite for as iittle as 
$19* per copy enterprise voiume licensing 

(*conditions apply) 



Introducing SuperTCP Suite (from Frontier Technology) 
Full function connectivity at shareware prices!!! 

SuperTCP Suite allows users to access Mointrame, AS/400 and UNIX systems seamlessly from any 
windows desktop. 

SuperTCP’s 55 plus applications provides access to ALL host systems, mount and serve UNIX files, 
browse the internet, email anyone on the internet or intranet, run UNIX applications from any 
desktop, and MUCH more. 

This high end application suite also provides lightning fast data queries and file transfers, the 
most reliable host connections, and the most comprehensive set of management tools. All of this 
means less training time, simplified network operations and lower ongoing support costs. 

SuperTCP Suite includes: 

• XWindows 

• NFS 

• TCP Kernel for DOS and 16 bit Windows 

• TCP/IP Applications 

• Advanced Terminal Emulation Features (optional) 


For further Information contact us at: 



I hippo I 


www.hippocorp.com.au 
sales@hippocorp.com.au 
Phone:(02) 9876-4658 
Fax:(02) 9876-8599 


AUUGN Vol.21 • No. 4 


- 12 - 


December 2000 








Installing FreeBSD for 
1386 

Author; Jordan K. Hubbard 

Quick Start 

This manual documents the process of making a new 
Installation of FreeBSD on your machine. If you are 
upgrading from a previous release of FreeBSD, please 
see the file UPGRADE.TXT for Important Information 
on upgrading. If you are not familiar with configuring 
PC hardware for FreeBSD, you should also read the 
HARDWARE.TXT file - It contains Important Informa¬ 
tion which may save you a lot of grief 

If you’re new to FreeBSD then you should also read 
EVERYTHING listed In the Documentation menu of 
the Installer. It may seem like a lot to read, but the 
time you spend now reading the documents will be 
made up many times over because you were ad¬ 
equately prepared. Also, you will know the types of 
Information available should you get stuck later. 
Once the system Is Installed, you can also revisit this 
menu and use a WEB browser to read the Installed 
FAQ (Frequently Asked Questions) and Handbook 
HTML documentation sets for FreeBSD. You can also 
use the browser to visit other WEB sites on the net 
(like http://www.freebsd.org) If you have an Internet 
connection. See ABOUT.TXT for more Information on 
the resources available to you. 

The best laid plans sometimes go awry, so If you run 
Into trouble take a look at TROUBLE.TXT which con¬ 
tains valuable troubleshooting Information. You 
should also read ERRATA.TXT before Installing and 
follow the pointers there carefully since this will stop 
you from falling over any problems which have re¬ 
ported In the Interim for your parhcular release. 

DISCLAIMER: While FreeBSD does Its best to safe¬ 
guard against accidental loss of data. It’s still more 
than possible to WIPE OUT YOUR ENTIRE DISK with 
this Installation If you make a mistake! Please do not 
proceed to the final FreeBSD Installation menu un¬ 
less you’ve adequately backed up any Important data 
first! We really mean It! 

FreeBSD requires a 386 or better processor to run 
(sorry, there Is no support for ’286 processors) and at 
least 5 megs of RAM to Install and 4 megs of RAM to 
run. You will need at least 100MB of free hard drive 
space for the most minimal Installation. See below 
for ways of shrinking existing DOS parhtlons In order 
to Install FreeBSD. 

Installing FreeBSD from CDROM or 
the Internet 

The easiest type of Installation Is from CD. If you 
have a supported CDROM drive and a FreeBSD In¬ 
stallation CD from Walnut Creek CDROM, there are 2 
ways of starting the Installation from It: 


1. If your system supports bootable CDROM me¬ 
dia (usually an option which can be selectively en¬ 
abled In the controller’s setup menu or In the PC 
BIOS for some systems) and you have It enabled, 
FreeBSD supports the "El Torrlto" bootable CD stan¬ 
dard. Simply put the Installation CD In your CDROM 
drive and boot the system to begin Installation. 

2. Build a set of FreeBSD boot floppies from the 
flopples/dlrectory In every FreeBSD distribution. Ei¬ 
ther simply use the “makeflp.bat’’ script from DOS or 
read flopples/README.TXT for more Information on 
creating the bootable floppies under different operat¬ 
ing systems. Then you simply boot from the 
first floppy and you should soon be In the FreeBSD 
Installation. 

If you don’t have a CDROM and would like to simply 
Install over the net using PPP, slip or a dedicated 
connection, simply fetch the 
<FreeBSD-release>/flopples/boot.flp file from: 

ftp: //ftp.freebsd.org/pub/FreeBSD 
or one of Its many mirrors 

(http: //www.freebsd.org/handbook/mlrrors.html) 
and follow step 3 above. You should also read the 
flopples/README.TXT file as It contains Important 
Information for downloaders. 

Once you have your boot floppies made, please go to 
section 1.5 of this document for additional tips on In¬ 
stalling via FTP or NFS. 


Detail on various installation types 

Once you’ve gotten yourself to the Initial Installation 
screen somehow, you should be able to follow the 
various menu prompts and go from there. If you’ve 
never used the FreeBSD Installation before, you are 
also encouraged to read some of the documentation 
In the the Documentation submenu as well as the 
general "Usage" Instructions on the first menu. 

NOTE: If you get stuck at a screen, hit the FI key 
for online documentation relevant to that specific sec¬ 
tion. 

If you’ve never Installed FreeBSD before, or even If 
you have, the "Standard" Installation mode Is the 
most recommended since It makes sure 
that you’ll visit all the various Important checklist 
Items along the way. If you’re much more comfort¬ 
able with the FreeBSD Installation process and know 
_exactly_ what you want to do, use the Express or 
Custom Installation options. If you’re upgrading an 
existing system, use the Upgrade option. 

The FreeBSD Installer supports the direct use of 
floppy, DOS, tape, CDROM, FTP, NFS and UFS parti¬ 
tions as Installation media, further tips on Installing 
from each type of media listed below. 
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Installing from a network CDROM 

If you simply wish to Install from a local CDROM 
drive then see the Quick Start section. If you don’t 
have a CDROM drive on your system and wish to use 
a FreeBSD dlstrihutlon CD In the CDROM drive of 
another system to which you have network connectiv¬ 
ity, there are also several ways of going about it: 

1. If you would he ahle to FTP Install FreeBSD di¬ 
rectly from the CDROM drive In some FreeBSD ma¬ 
chine, It’s quite easy: You simply add the following 
line to the password file (using the vlpw command): 

ftp:*:99:99::0:0:FTP:/cdrom:/shln/nologln 

And anyone else on your network will now he ahle 
to choose a Media type of FTP and type in: 
“ftp://<machlne with CDROM drive>” after picking 
"URL" In the ftp sites menu. 

2. If you would rather use NFS to export the CDROM 
directly to the machlne(s) you’ll he Installing from, 
you need to first add an entry to the /etc/exports file 
(on the machine with the CDROM drive) which looks 
something like this: 

/cdrom -ro ziggy.foo.com 

To allow the machine "zlggy.foo.com" to mount the 
CDROM directly via NFS during Installation. The 
machine with the CDROM must also he configured as 
an NFS server, of course, and if you’re not sure how 
to do that then an NFS Installation Is prohahly not 
the hest choice for you unless you’re willing to read 
up on rc.conf(5) and configure things appropriately. 
Assuming that this part goes smoothly, you should 
he ahle to enter: cdrom-host:/cdrom as the path for 
an NFS installation when the target machine is in¬ 
stalled, e.g. wlggy: /cdrom 


Installing from Floppies 

If you must Install from floppy disks, either due to 
unsupported hardware or just because you enjoy do¬ 
ing things the hard way, you must first prepare some 
floppies for the Install. 

First, make your boot floppies as described In 
flopples/README.TXT 

Second, read the file LAYOUT.TXT and pay special at¬ 
tention to the "Distribution format" section since it 
describes which files you’re going to need to put onto 
floppy and which you can safely skip. 

Next you will need, at minimum, as many 1.44MB 
floppies as it takes to hold all files in the bln (binary 
distribution) directory. If you’re preparing these flop¬ 
pies under DOS, then THESE floppies *must* be for¬ 
matted using the MS-DOS FORMAT command. If 
you’re using Windows, use the Windows File Manager 
format command. 

Don’t trust Factory Preformatted floppies! Format 
them again yourself, just to make sure. Many prob¬ 
lems reported by our users in the past have resulted 
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from the use of improperly formatted media, which Is 
why I’m taking such special care to mention It here! 

If you’re creating the floppies from another FreeBSD 
machine, a format Is still not a bad Idea though you 
don’t need to put a DOS filesystem on each floppy. 
You can use the ‘dlsklabel’ and ‘newfs’ commands to 
put a UFS filesystem on a floppy, as the following se¬ 
quence of commands Illustrates: 

fdformat -f 1440 fdO. 1440 
dlsklabel -w -r fdO. 1440 floppyS 
newfs -t 2 -u 18 -1 1 -1 65536 /dev/rfdO 

After you’ve formatted the floppies for DOS or UFS, 
you’ll need to copy the flies onto them. The distribu¬ 
tion flies are spilt Into chunks conveniently sized so 
that 5 of them will fit on a conventional 1.44MB 
floppy. Go through all your floppies, packing as 
many files as will fit on each one, until you’ve got all 
the distributions you want packed up in this fashion. 
Each distribution should go into its own subdirectory 
on the floppy, e.g.: a:\bln\bln.lnf, a:\bln\bln.aa, 
a:\bln\bln.ab, ... 

IMPORTANT NOTE: The bln.Inf file also needs to go 
on the first floppy of the bln set since it is read by the 
installation program In order to figure out how many 
additional pieces to look for when fetching and con¬ 
catenating the distribution. When putting distribu¬ 
tions onto floppies, the <dlstname>.lnf file MUST oc¬ 
cupy the first floppy of each distribution set! This is 
also covered in ABOUT.TXT 

Once you come to the Media screen of the install, se¬ 
lect "Floppy" and you’ll be prompted for the rest. 


Installing from a DOS partition 

To prepare for Installation from an MS-DOS parhtlon 
you should simply copy the flies from the distribution 
Into a directory called "FREEBSD" on the Primary 
DOS partition ("Drive C:"). For example, to do a mini¬ 
mal installation of FreeBSD from DOS using files cop¬ 
ied from the CDROM, you might do something like 
this: 

C:\> MD C:\FREEBSD 

C:\> XCOPY /S E:\BIN C:\FREEBSD\BIN 

Assuming that ‘E:’ was where your CD was mounted. 

For as many ‘DISTS’ as you wish to install from DOS 
(and you have free space for), install each one in a di¬ 
rectory under ‘C:\FREEBSD’ - the BIN dlst is only the 
minimal requirement. 

Once you’ve copied the directories, you can simply 
launch the installation from floppies as normal and 
select "DOS" as your media type when the time 
comes. 


Installing from QlC/SCSl Tape 

When Installing from tape, the installation program 
expects the flies to be simply tar’ed onto It, so after 
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fetching all of the files for the dlstrlhutlons you’re In¬ 
terested In, simply tar them onto the tape with a 
command something like this: 

cd /where/you/have/your/dlsts 

tar cvf /dev/rwtO (or /dev/rsaO) dlstl .. dlst2 

When you go to do the Installation, you should also 
make sure that you leave enough room In some tem¬ 
porary directory (which you’ll he allowed to choose) to 
accommodate the FULL contents of the tape you’ve 
created. Due to the non-random access nature of 
tapes, this method of Installation requires quite a hit 
of temporary storage! You should expect to require 
as much temporary storage as you have stuff written 
on tape. 

SPECIAL NOTE: When going to do the Installation, 
the tape must he In the drive *hefore* hooting from 
the hoot floppies. The Installation "prohe" may other¬ 
wise fall to find It. 

Now create a hoot floppy as descrlhed In section 0.1 
and proceed with the Installation. 

Installing over a network using FTP 
or NFS 

After making the hoot floppies as descrlhed In the 
first section, you can load the rest of the Installation 
over a network using one of 3 types of connections: 

Serial port: SLIP / PPP 

Parallel port: FLIP (using ''laplink'' style 
cable) 

Ethernet: A standard Ethernet controller 

(including certain PCCARD devices). 

Serial Port 


SLIP support Is rather primitive, and Is limited pri¬ 
marily to hard-wired links, such as a serial cable 
running hetween two computers. The link must he 
hard-wired hecause the SLIP Installation doesn’t cur¬ 
rently offer a dialing capahlllty. If you need to dial 
out with a modem or otherwise dialog with the link 
before connecting to It, then 1 recommend that the 
PPP utility be used Instead. 

If you’re using PPP, make sure that you have your In¬ 
ternet Service Provider’s IP address and DNS Informa¬ 
tion handy as you’ll need to know It fairly early In the 
Installation process. You may also need to know your 
own IP address, though PPP supports dynamic ad¬ 
dress negotiation and may be able to pick up this In¬ 
formation directly from your ISP If they support It. 

You will also need to know how to use the various "AT 
commands" for dialing out with your particular brand 
of modem as the PPP dialer provides only a very 
simple terminal emulator. 


Parallel Port 


If a hard-wired connection to another FreeBSD or Li¬ 
nux machine Is available, you might also consider In¬ 
stalling over a "laplink" style parallel port cable. The 
data rate over the parallel port Is much higher than 
what Is typically possible over a serial line (up to 
50k/sec), thus resulting In a quicker Installation. It’s 
not typically necessary to use "real" IP addresses 
when using a point-to-point parallel cable In this way 
and you can generally just use RFC 1918 style ad¬ 
dresses for the ends of the link (e.g. 10.0.0.1, 

10.0.0.2, etc). 

IMPORTANT NOTE: If you use a Linux machine 
rather than a FreeBSD machine as your PLIP peer, 
you will also have to specify "llnkO" In the TCP/IP 
setup screen’s “extra options for Ifconflg” field In or¬ 
der to be compatible with Linux’s slightly different 
PLIP protocol. 


Ethernet 


FreeBSD supports most common PC Ethernet cards, 
a table of supported cards (and their required set¬ 
tings) being provided as part of the FreeBSD Hard¬ 
ware Guide (see the Documentation menu on the 
boot floppy or the top level directory of the CDROM). 
If you are using one of the supported PCMCIA Ether¬ 
net cards, also be sure that It’s plugged In _before_ 
the laptop Is powered on! FreeBSD does not, unfor¬ 
tunately, currently support "hot Insertion" of PCMCIA 
cards during Installation. 

You will also need to know your IP address on the 
network, the "netmask" value for your address class 
and the name of your machine. Your system adminis¬ 
trator can tell you which values are appropriate to 
your particular network setup. If you will be referring 
to other hosts by name rather than IP address, you’ll 
also need a name server and possibly the address of a 
gateway (If you’re using PPP, It’s your provider’s IP 
address) to use In talking to It. 

If you do not know the answers to these questions 
then you should really probably talk to your system 
administrator _flrst_ before trying this type of Instal¬ 
lation! Using a randomly chosen IP address or net- 
mask on a live network will almost certainly get you 
shot at dawn. 

Once you have a network connection of some sort 
working, the Installation can continue over NFS or 
FTP. 

NFS installation tips 

NFS Installation Is fairly straight-forward: Simply 
copy the FreeBSD distribution files you want onto a 
server somewhere and then point the NFS media se¬ 
lection at It. 

If this server supports only "privileged port" access 
(as Is generally the default for Sun and Linux work¬ 
stations), you will need to set this option In the Op¬ 
tions menu before Installation can proceed. 
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If you have a poor quality Ethernet card which suffers 
from very slow transfer rates, you may also wish to 
toggle the appropriate Options flag. 

In order for NFS Installation to work, the server must 
also support "suhdlr mounts", e.g. If your FreeBSD 
dlstrlhutlon directory lives on: 

wiggy:/usr/archlve/stuff/FreeBSD Then wlggy will 
have to allow the direct mounting of 
/usr/archlve/stuff/FreeBSD, not just /usr or 
/usr / archive / stuff. 

In FreeBSD’s /etc/exports file this is controlled hy 
the "-alldlrs” option. Other NFS servers may have 
different conventions. If you are getting ‘Permission 
Denied’ messages from the server then it’s likely that 
you don’t have this properly enabled! 


FTP Installation tips 

FTP installation may he done from any mirror site 
containing a reasonably up-to-date version of 
FreeBSD. A full menu of reasonable choices for al¬ 
most any location In the world is provided in the FTP 
site menu during Installation. 

If you are Installing from some other FTP site not 
listed In this menu, or you are having troubles getting 
your name server configured properly, you can also 
specify your own URL by selecting the "URL” choice 
in that menu. A URL can contain a hostname or an 
IP address, so the following would work in the ab¬ 
sence of a name server: 

ftp://192.216.191.il/pub/FreeBSD 

There are two FTP Installation modes you can use: 

o FTP: 

For all FTP transfers, use the standard "Active" 
mode for transfers. This will not work through most 
firewalls but ill often work best with older ftp servers 
that do not support passive mode. If your connection 
hangs with passive mode, try this one! 

o FTP Passive: 

For all FTP transfers, use "Passive" mode. This al¬ 
lows the user to pass through firewalls that do not al¬ 
low incoming connections on random port addresses. 

NOTE: ACTIVE AND PASSIVE MODES ARE NOT THE 
SAME AS A ‘PROXY’ CONNECTIONS, WHERE A 
PROXY FTP SERVER IS LISTENING ON A DIFFER¬ 
ENT PORT! 

In such instances, you should specify the URL as 
something like: 

ftp: //foo.bar. com: 1234/pub/FreeBSD 

Where "1234" Is the port number of the proxy ftp 
server. 
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Tips for Serial Console Users 

If you’d like to Install FreeBSD on a machine using 
just a serial port (e.g. you don’t have or wish to use a 
VGA card), please follow these steps. 

1. Connect some sort of ANSI (vtlOO) compatible ter¬ 
minal or terminal emulation program to the COMl 
port of the PC you are installing FreeBSD onto. 

2. Unplug the keyboard (yes, that’s correct!) and then 
try to boot from floppy or the installation CDROM, 
depending on the type of installation media you have, 
with the keyboard unplugged. 

3. If you don’t get any output on your serial console, 
plug the keyboard in again and wait for some beeps. 
If you are booting from the CDROM, proceed to Step 
5 as soon as you hear the beep. 

4. For a floppy boot, the first beep means to remove 
the kem.flp floppy and insert the mfsroot.flp floppy, 
after which you should press enter and wait for an¬ 
other beep. 

5. Hit the space bar, then enter 

boot -h 

and you should now definitely be seeing everything 
on the serial port. If that still doesn’t work, check 
your serial abllng as well as the settings on your ter¬ 
minal emulation program or actual termlnsil device. 
It should be set for 9600 baud, 8 bits, no parity. 

DOS user’s Question and Answer sec¬ 
tion 

Help! I have no space! Do I need to delete everything 
first? 

If your machine is already running DOS and has little 
or no free space available for FreeBSD’s installation, 
all is not lost! You may find the "FIPS" utility, pro¬ 
vided in the tools/ subdirectory on the FreeBSD 
CDROM or on the various FreeBSD ftp sites, to be 
quite useful. 

FIPS allows you to split an existing DOS parhtlon 
Into two pieces, preserving the original partition and 
allowing you to install onto the second free piece. 
You first "defrag" your DOS partition, using the DOS 

6. XX "DEFRAG" utility or the Norton Disk tools, then 
run FIPS. It will prompt you for the rest of the infor¬ 
mation It needs. Afterwards, you can reboot and in¬ 
stall FreeBSD on the new partition. Also note that 
FIPS will create the second partition as a "clone" of 
the first, so you’ll actually see that you now have two 
DOS Primary partitions where you formerly had one. 
Don’t be alarmed! You can simply delete the extra 
DOS Primary partition (making sure it’s the right one 
by examining Its size! :) 

NOTE: FIPS does NOT currently work with FAT32 or 
VFAT style partitions as used by newer versions of 
Windows 95. To spilt up such a partition, you will 
need a commercial product such as Partition Magic 
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3.0. Sorry, but this Is just the breaks If you’ve got a 
Windows partition hogging 

your whole disk and you don’t want to reinstall from 
scratch. 

Can I use compressed DOS Jilesystems from FreeBSD? 

No. If you are using a utility such as Stacker(tm) or 
DoubleSpace(tm), FreeBSD will only be able to use 
whatever portion of the filesystem you leave uncom¬ 
pressed. The rest of the filesystem will show up as 
one large file (the stacked/dblspaced file!). DO NOT 
REMOVE THAT FILE as you will probably regret It 
greatly! 

It Is probably better to create another uncompressed 
DOS extended partition and use this for communica¬ 
tions between DOS and FreeBSD If such Is your de¬ 
sire. 


Can I mount my DOS extended partitions? 

Yes. DOS extended partitions are mapped In at the 
end of the other “slices” In FreeBSD, e.g. your D: 
drive might be /dev/da0s5, your E: drive 
/dev/da0s6, and so on. This example assumes, of 
course, that your extended partition Is on SCSI drive 
0. For IDE drives, substitute “ad” for “da” ap¬ 
propriately. You otherwise mount extended partitions 
exactly like you would mount any other DOS drive, 
e.g.: 

mount -t msdos /dev/da0s5 /dos_d 


Can I run DOS binaries under FreeBSD? 

Ongoing work with ESDI’s doscmd utility Is bringing 
this much closer to being a reality In FreeBSD 3.0, 
though It still has some rough edges. If you’re Inter¬ 
ested In working on this, please send mall to 
emulatlon@FreeBSD.org and Indicate that you’re In¬ 
terested In joining this ongoing effort! 

There Is also a neat utility called "pcemu" In the ports 
collection which emulates an 8088 and enough BIOS 
services to run DOS text mode applications. It re¬ 
quires the X Window System (XFree86) to operate. 

Creating a Log Class 
in Perl 

Author: The Outrider Computing Journal 

One recurrent theme In my job as a database 
administrator/assistant systems 

administrator/systems analyst Is the need to keep 
track of what happened on the systems while 1 wasn’t 
watching. What did the cron job do last night. What 
did all those spooler daemons do while 1 was at 
lunch? In other words logging. It bothered me that 
there was a lack of simple tools for doing such a 
simple, redundant job. So, 1 set out to do build some 
myself My systems programming tool of choice Is 
Perl, so, that Is language 1 chose for the project. This 


journey took me out of my normal routine of stralght- 
llne Perl programming and dumped me In the land of 
Modules and Object Oriented Perl. I’m glad to say It 
didn’t overwhelm me and In fact 1 found It rather easy 
to write. 

My first order of business was to take my old standby 
logging routines and objectify them. 1 had several 
concise routines that 1 would either Import Into the 
main package through a use statement or just simply 
copy/paste depending on my mood and what 1 was 
doing. They consisted of four routines: start_logglng, 
stop_logglng, restart_logglng and log. 

sub start_logging{ 

local($log_file) = @_[0]; 
open(LOG,"$log_flie"); 

$log = 1 If LOG; 

} 

sub stop_logglng{ 

close (LOG) If ($log); 

$log=0; 
return 1; 

} 

sub log { 

local ($string) = @_[0]; 
if ($log) { 

print LOG &datetime,": 

$string\n"; 

return 1; 

} 

return 0; 

} 

Lot’s of room for Improvement there (1 left 
restart_logglng out because It only differed from 
start_logglng by one character. Instead of 
open(LOG,"$log_flle"); It had: open(LOG,"$log_flle"); to 
append to the log file and not overwrite It). This was 
quick and dirty code that, while It did the job, was 
not very simple to use. For example. If 1 needed to re¬ 
direct the output of a sub-process to the log file 1 
would have to say: stop_logglng(), then run that pro¬ 
cess and redirect Its output to the log then 
restart_logglng() again. It was Rather clumsy and dif¬ 
ficult to document. So, 1 set about to rewrite the rou¬ 
tines In an object oriented manner. 1 followed the 
’Three little rules’ as formulated by Lariy Wall In the 
objperl(l) man page and restated by Damian Conway 
In his book "Object Oriented Perl": 

Rule 1. To create a class, build a package 
1 created a new directory called File under one of the 
slte_perl directories that our perl executables looks In 
(1 found the directory by running "perl -V" and exam¬ 
ining the @1NC array). In the File directory 1 created a 
file called Log.pm . 1 set this file as Its own package by 
declaring a package name at the top of the file: 
package File::Log; 

Get the connection between the package hierarchy 
and the directory structure? 1 Included the standard 
packages 1 use for messages and file handles and 
such (good Perl programmers always use strict and - 
w): 

use strict; 
use FileHandle; 
use Carp; 

Rule 2. To create a method, write a 
subroutine 
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First, I wrote the _start_log method, 
sub _start_log { 

my ($self, @args) = @_; 
unlink $self-{'_logfile'}; 
$self-print("Begin logging"); 
return 1; 

} 

Pretty simple (we will look at the strange references In 
a moment). This looks nothing like the startjogging 
subroutine 1 started with. Where did 1 put the open 
for the log file? 1 had an Inspiration. 1 put the open 
and the close statements In the print method so my 
programs wouldn’t keep the log file open all the time. 
1 can then read the log file while the program Is run¬ 
ning and always see the latest logging Information. 
So, In fact 1 no longer even needed a start Jog 
method, but 1 did want to put an entry at the top of 
the log file so 1 would have an accurate log start time 
recorded. All 1 needed to do from here Is write the 
print method: 

sub print { 

my ($self, @args) = @_; 
unless($self-{ ' _fh' }-open ( "".$self- 
{'_logfile' })) { 

croak "Failed to open \"".$self— 
{'_logfile' } . 

} 

print {$self-{'_fh'}} $self— 
_datetime().": @args\n"; 

$self-{'_fh' }-close (); 

} 

1 have tried to sneak In some stuff without explaining 
It, but now 1 need to explain. Believe me this looks 
much more complicated than It really Is. First, the 
way In which an attribute of a class Is referenced Is 
like so: $self-{_logflle} (1 added the tic marks so that 
strict wouldn’t complain about bare words). This Is 
essentially a pointer to an attribute called Jogflle 
that belongs to the Instance of class Log called $self 
Where did that $self come from In the method? When 
you say this: $self-prlnt() Perl considers It a method 
call and It automagically passes the reference object 
as the first argument to the method. Hence the Idiom: 
my ($self, @args) = @_; 

as the first line of the method to extract the object 
reference from the "real" arguments. If 1 had written 
print as a subroutine within main without the File- 
Handle methods It would have looked something like 
this: 

sub print { 

local ($logfile, @message) = @_; 
open FH, "$logfile" or croak "Failed 
to open $logfile"; 

print FH datetime(), ",@message, 

"\n"; 

close FH; 

} 


With all of those ’-’ out of the way It looks cleaner but 
It Is not as flexible. Not to mention the fact that there 
would be confusion between the bullt-ln print routine 
and this subroutine (Perl wouldn’t be confused but 
programmers could easily be mislead). 

Rule 3. To create an object, bless a referent 


1 created a constructor method. In object oriented 
programming the standard name for a constructor 
method Is ’new’. 

sub new{ 

my ($class, @arg) = @_; 
my $self = bless { _logfile = 

$arg[0], _fh = new FileHandle, 

}, $class; 

$self-_start_log() ; 
return $self; 

} 

Bless Is a bullt-ln Perl function used to mark a vari¬ 
able as belonging to a particular class (or 
namespace). The ’new’ method blesses the object 
handle ($self), calls _startJog to initiate a logging ses¬ 
sion (and write that Initial line to the log) and then re¬ 
turns the object handle back to the calling routine so 
we can reference the object. Jogflle and _fh are the 
attributes of this new object and hold the log file 
name and the file descriptor respectively. 

Then 1 added the _datetlme method to the class. 1 will 
leave that out of this discussion since it merely re¬ 
turns the date and time In a readable format to 
prepend to each line of the log. 

That Is all there Is to It. But, there are a couple of 
things we ought to add. First of all In true object ori¬ 
ented programming there are two methods required 
for any class a constructor and a destructor. We al¬ 
ready have a constructor so let’s build a destructor. 
We’ll use some more Perl bullt-ln stuff to do this. Perl 
will automatically call a method called DESTROY for 
any object when It goes out of scope. It would most 
likely be able to handle this simple log object without 
any help but there Is one thing 1 would like to do 
when 1 am done logging. 1 want the program to write 
a final line so 1 have a quick method to determine If a 
process stopped short or finished processing and 
have an ending time for the log file. So here Is my de¬ 
structor: 

sub DESTROY { 

my ($self, @args) = @_; 

$self-print("End Logging"); 
undef $self-{'_fh'}; 
undef $self-{'_logfile'}; 
return 1; 

} 

This nicely frees up what little space was being used 
by this object and writes a short message to the end 
of the log. 1 have left the destruction of the object It¬ 
self for Perl to handle. Since this was so simple to do 
1 decided to add a few niceties Into the class while 1 
was there. 1 added this to the top of the file. 

{ 

my %_visible = 

( 

_logfile = undef, 

); 

sub _accessible { 

exists $_visible{$_[1]}; 

} 


- 18 - December 2000 


AUUGN Vol.21 • No. 4 



A hash that has the names of the attributes that I 
want to make publicly accessible (Its a simple matter 
to add to this list If 1 add attributes or want other at¬ 
tributes to be available) and an accessible subrou¬ 
tine to return true If a particular attribute Is acces¬ 
sible. The reason 1 wrote It this way was to make use 
of another Perl bullt-ln: AUTOLOAD. If the Perl Inter¬ 
preter comes to a method call that doesn't exist, It 
looks to see If there Is an AUTOLOAD method In the 
same class. It puts the non-existent method name In 
a variable called $AUTOLOAD and executes the AU¬ 
TOLOAD method. In my case 1 only want It to return 
the value stored In the attribute so 1 wrote this: 

sub AUTOLOAD { 

my ($self) = @_; 

$AUTOLOAD =~ /.*::get(_\w+)/ 

or croak "No such method: $AUTO- 

LOAD"; 

$self-_accessible ($1) 

or croak "No such attribute: $1"; 
return $self-{$l}; 

} 


This calls _accesslble to see If there Is a publicly ac¬ 
cessible attribute that looks like the method call 
without 'get' at the beginning and returns the value of 
the attribute If It exists. Got that? Let’s look at It this 
way: 1 want programmers to have access to the 
logflle attribute so that they can at any point recall 
the name of the log file being written to. So, 1 put 
logflle In the %_vlslble hash, which 1 have told my 
AUTOLOAD subroutine to look at for possible 
matches. So If 1 use a method like this: 
$log_flle_name = $log-get_logflleO; even though 1 
haven’t explicitly written a method called get_logflle It 
will return the contents of the attribute _logflle. Klnda 
neat, huh? 

Now to setup and write to log files In my programs Is 
simple: 

Use File::Log; 

# create a log file 

$log = new File::Log("mylogfile.log"); 

# write to the log 

$log-print("This is a log entry"); 

# redirect the sub-process to my log 
file 

system("my_sub_process" , "2&1", 

$log-{'_logfile' }) ; 

# write more stuff to the log 
$log-print("This is another log en¬ 
try" ) ; 

# close up the logging session 
undef $log; 

1 added a little bit more to the class than 1 described 
here. If you’d like a copy of the Log class In It’s com¬ 
plete form It can be found here Log, pm . 

This article is re-printed with permission. The original 
can be found at 

http: / /WWW. diverge, org/ outrider/200011plog. shtml 
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Releasing OSDA at 
AOSS2 

Author: Andrew van der Stock 
email: ajv@greebo.net 

Friday 

After a hectic week, 1 made my way from home to the 
airport with my frantically packed carry-on and lap¬ 
top, and thus to the Qantas Club with unseemly 
haste. 1 had a couple In the Club before boarding my 
flight to Adelaide. 

Once In Adelaide, 1 zoomed to the cafe where people 
from the conference were having dinner. 1 should 
have caught an earlier flight - 1 do like my food, but 
good company Is so much more. Adelaide didn’t dis¬ 
appoint on the cake and coffee front, and the com¬ 
pany was fine. 1 met up again with my friend Skud 
and met Sarah, one of the organisers, and a few of 
the other speakers for the first time. 


Saturday 

Got up a little too early; dang that half-hour time 
zone difference! Breakfast being delivered Is the nic¬ 
est part about staying away from home, and this was 
no exception. 

1 was dropped off by the cab almost at the conference 
venue, but since 1 needed to make a booking for a 
hire car for the next day, 1 didn’t mind too much. 1 
was a little early, and managed to organise a car and 
still be the first person to register for the day. Confer¬ 
ence attendees received these nifty packs with stuff In 
them, like Caldera’s Linux Technology Preview. 1 
thought 1 had every RedHat publication under the 
sun, so 1 avoided one of their folders, and so missed 
out on Red Hat 7.0 CD’s. Not a great loss. 

The conference kicked off well, with pretty good at¬ 
tendance for a smaller city like Adelaide. We had a 
quick pep talk from one of the local IT boosters, and 
then onto the main program. 

Dan Shearer: Open Source, Opening Doors 

A good talk aimed at Increasing OSS usage In compa¬ 
nies. The entry by stealth model Is falling away as the 
desired mechanism and how you can make money 
doing open source. 


Richard Sharpe: Cutting code in Qantas Club 

Richard Is probably best known for his Samba work, 
but this talk was more about Ethereal, which 1 use 
extensively. Richard didn’t have time to discuss how 
he codes at the Qantas Club, but 1 Imagine with the 
free booze and other distractions available there... :-) 
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Greg Lehey: Revamping the FreeBSD SMP 
implementation 

Excellent talk given by a master of the trade. Greg de¬ 
tailed how the new SMP Implementation differed from 
previous efforts, and the benefits of the new Imple¬ 
mentation. 


Michael Still: Panda 

Michael gave us a talk about his PDF enabled graph¬ 
ics library. Panda allows programs to directly output 
to PDF at the highest quality available to them. It’s 
still a work In progress, but It seemed to work nicely. 

Jay Schulist: Implementing Network Device 
Drivers in the Linux kernel 

Jay knew his stuff and he gave an excellent presenta¬ 
tion, showing us how easy It Is to make a working 
network driver. Of course. It was one that he had pre¬ 
pared earlier, but he did run make. 

Lunch was nice, and 1 had a good chat with various 
people. 

Geoffrey D. Bennett: The Katie revision con¬ 
trol system 

Katie Is a clearcase filesystem revision control sys¬ 
tem. It worked very nicely and with a bit of polishing 
will be an excellent tool for developers sick of CVS. 


Kirrily "Skud" Robert: Perl 6 

A good talk, certainly one of the more Interesting to 
me as they seem to be applying large scale software 
engineering to the open source model. 1 will be very 
Interested to see how this turns out. Skud used Mr 
Laptop who runs Wln2K. She still used a HTML pre¬ 
sentation, though 


Presentations, AUUG and SAGE-AU (and 
ISOC-AU) 

This one was a surprise for me as 1 didn’t expect to 
have to do this one. So 1 winged It. ISOC-AU were 
probably unaware of It as well, as no one was there 
who was a member (unusual) or from the exec. 1 pre¬ 
sented first and got the message across as to what 
SAGE-AU does for Its members (which Is quite a lot, 
but not everyone sees that). 

Afternoon tea 

1 was pleasantly surprised to be hunted down by Phil 
Kernlck. Phil Is one of our SAGE-SA members, but 
SAGE-SA doesn’t exist yet, and I’d like It to. Phil basi¬ 
cally demanded to be let run It, so by the time you 
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read this SAGE-SA should be off the ground. Yeehah! 
Who says conferences are a waste of time? 


Glen Turner: Writing programs for future 
networks 

Glen’s talk was excellent and 1 managed to talk to 
him later about IPv6, a major pet project of mine. 
AARnet are likely to be an excellent test bunny for my 
subversive Ideas. :-) 


Conrad Parker: Sweep 

About the only end user application presented at the 
conference, which made a pleasant change. Conrad 
showed off Sweep, a sound program that does for 
sound what Gimp does for graphics. Very nice. He 
gave out handouts with the Sweep plugin SDK. 


Andrew van der Stock: OSDA 

1 did the only PowerPoint presentation of the entire 
conference! :-) 1 couldn’t contact my ISP due to my 
modem dialling too fast for the hotel’s poor excuse for 
a PABX, so Luke’s maglcpolnt HTML simply didn’t 
come through In time. OSDA details can be found at 


Michael Neuling: Linux packet filtering 

Michael, one of the authors of IP chains, gave an 
overview of the more flexible NetFllter which Is due to 
appear In 2.4 when It finally finishes baking. As a se¬ 
curity freak, 1 enjoyed the talk. 

After the conference had finished, we headed off to 
the pub, and had a few drlnkles. North Terrace Is 
where the H 3 nrndal Excel Rice Boy Car Club has their 
unofficial 20 km/h drag races, so we saw a wide 
range of tricked up Excels. Very amusing. 

http: //www.rlceboypage.com 

After the pub, we walked clear across town to a Japa¬ 
nese restaurant. They took a long time to serve us, 
which detracted from an otherwise excellent feed. 
Again, the company was excellent. 1 had turned Into 
major pumpkin and decided to call It a night after 
that. The others pottered off with the change to an¬ 
other pub. 


Sunday 

Had a late breakfast and picked up the car and then 
Skud before driving out to Greg Lehey’s place. Skud 
doesn’t have a license 1 found out, and surprisingly 
enough for a SCA person, her navigational skills with 
a map were fairly rusty. Since I’m of the Dirk Gently 
school of thought when It comes to going places, we 
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missed our turn off and drove a little further than we 
expected to. 

Once we arrived a little after the 11 am start time, we 
found that we were the first lot of people to turn up 
there that day, with Luigi seemingly staying at Greg’s. 
Greg and his family live on acreage out In the coun¬ 
try. It made a nice change. It's only 35 minutes out of 
Adelaide, hut It really Is the country. 

They have a lovely rambling house, horses and whip¬ 
pets. Unfortunately, whilst we were waiting for the 
others to arrive, one of the family’s two cats was 
found dead on the highway outside the property. 
Luigi and Greg gave It a proper hurlal. 1 felt so had, 
and 1 thank Greg and his family for continuing on the 
BBQ. If Greeho or Meehles died, 1 would have sent ev¬ 
eryone home whilst 1 had a good hluhher. 


Despite this tragedy, we had a good lunch with 
mostly everyone turning up after getting lost In vari¬ 
ous ways. Greg gave us good directions, hut unfortu¬ 
nately, no one had a GPS receiver and metropolitan 
maps do not detail every little C road, and signage In 
South Australia could he better. 

Greg showed off his computer rooms. He has a wide 
variety of equipment In various stages of disrepair or 
working order. His guestrooms even have their own 
terminals. 

After a long day, Skud and 1 departed for the airport. 
Skud Is off to the wide white land of Canada soon. 1 
wish her well; she’ll do great at e-Smlth. 


Friday night 
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Advertisement 


Red Hat Linux 7 


You will find enclosed a copy of Red Hat Linux 7. This product Is Ideal for the experienced user, Red Hat Linux 
contains all the essentials to upgrade or Install a workstation or server. If you would like enhanced support fea¬ 
tures and applications, then you can purchase the deluxe or professional versions of Red Hat 7. To receive a 
list of dlstrlhutors email paclflcrlm@redhat.com 

Red Hat 7 Deluxe 

Red Hat Deluxe Workstation contains everything you need to Introduce yourself to Red Hat Linux 7. In addition 
to the award-winning Red Hat Linux operating system, Deluxe Workstation gives you Office Suites, PoweiTools, 
demos and full versions of numerous applications, plus services to help you get started. 

Red Hat 7 Professional 

Red Hat Professional Server contains everything you need to set up Red Hat Linux 7 for a serious server envi¬ 
ronment. In addition to the award-winning Red Hat Linux operating system. Professional Server gives you four 
bonus CDs of server-related software and two CDs of workstation applications plus the services to help you get 
started. Support entitlements Include 30 days telephone Installation support, 90 days weh-hased Installation 
support, 30 days weh-hased apache configuration support. 


Red Hat Training 


Red Hat Asla-Paclflc has a wide range of training courses designed for all levels of Red Hat Linux users. Red 
Hat offers the highest quality Linux and certification available. All Red Hat courses are taught by Red Hat In¬ 
structors who have achieved their RHCE. 

Skills Courses: 

RH300: Red Hat Certified Engineer 

Ensures that a person Is ready from a technical point of view for professional responsibilities In managing a Red 
Hat Linux system for common uses. 

Developer courses - Tracks for kernel and device driver developers and for application and GUI programmers. 

RHD143: Red Hat Linux Programming Essentials 

Trains you In skills for developing applications on Red Hat Linux 

RHD221: Red Hat Device Driver Training 

Designed to teach the experienced programmer how to develop device drivers for Linux systems 

Advanced courses 

RHD320: Red Hat Apache and Secure Web Server Administration 

For those who desire Intensive hands on training on configuration and management of an Apache web server. 

For more Information visit www.redhat.com/tralnlng/aslapac. 

To receive a discount for AUUG members email tralnlng-au@redhat.com 
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The Open 
Source Lucky Dip 

Con Zymaris 
conz @ cyber.com.au 

Welcome back. 

Hopefully you made It to either (or both oil) the AUUG 
Security S 5 rmposlum or the Australian Open Source 
Symposium over the past month or so. 1 had the 
chance to make It to one of them, and 1 was very Im¬ 
pressed by both the breadth and quality of the speak¬ 
ers. Do yourself a favour and book In the next 
AUUGN organised event. In this Industry you need to 
keep your proboscis ahead of pack, and attending 
these highly Informationally nutritious events Is a 
good start. Righto, let’s check out this edition’s pick¬ 
ings. 


### 

Report is, everyone who has seen the [Windows] code 
is now dead. They have all laughed themselves to 
death. 

— From a Slashdot discussion about the Microsoft 
"hack" 

### 


Java Media Framework 

A recent news Item from the Blackdown Java-Llnux 
Team announceed the availability of the JMF 2.1.1-- 
beta2 Performance Pack for Llnux/1386: 

According to the notes from the Team, the Java Me¬ 
dia Framework (JMF) Is an API for Incorporating au¬ 
dio, video and other time-based media Into Java ap¬ 
plications and applets. It Is an optional package that 
extends the multimedia capabilities on the Java2 
platform. 

For general Information about JMF and documenta¬ 
tion visit http://Java.sun.com/products/Java- 
media/Jnrif/ index, html 


Jumpgate 0.6 

Jumpgate Is a TCP connection forwarder that author 
Patroklos Argyroudls claims that provides many en¬ 
hancements and Improvements over the existing pro¬ 
grams that do the same thing. Read more here: 
http: //zlon. bsd.gr/ ~lnvlslbl/projects/ 


Meow 1.0 

From the wacky Unix tools collection, comes Meow. 
Apparently Meow Is a text stream monitor. Like the 
cat command. Meow accepts lines of text from stdln 

- 29 - 


and echos them to stdout. As Meow relays each line 
of text. It compares the line to a set of user-defined 
patterns, and If a match Is found. It plays the cor¬ 
responding sound file. The Intention of all this Is to 
make Meow Is an Ideal tool for monitoring system log 
files for specific events. 


New version of AMANDA released 

AMANDA (Advanced Maryland Automatic Network 
Disk Archiver,) for those that don’t know. Is a 
backup system that allows the administrator of a LAN 
to establish a single master backup server to perform 
backups of multiple hosts to a single tape drive. 
AMANDA uses native dump and/or GNU tar facilities 
and can back up a large number of workstations run¬ 
ning various versions of Unix. SAMBA Is also sup¬ 
ported so that AMANDE can be used to back up Mi¬ 
crosoft Windows 95/NT workstations and servers. 
More Information available here: 

http: / /WWW. amanda.org/ 


Relive past ZORK glories. 

Feel like blowing away many hours In the mindless 
pursuit of adventure? Just In time for the summer 
holidays Is Frotz. Frotz Is an Interpreter for playing 
all of Infocom’s text adventures and other Z-Machlne 
games. Written by David Griffith, Frotz compiles with 
Graham Nelson’s Z-Machlne standard vl.O, and runs 
well on most flavors of Unix. Download It from 
http: //www.cs.csubak.edu/~dgriffl/frotz/ 


GUI for Embedded Linux 

Linux seems to have opened up the world of embed¬ 
ded systems development for many developers. Palm- 
llke devices running Linux are popping up all over. If 
you are at all Interested In working with one of these, 
you’ll obviously need a GUI, and since X Is way too 
big for this form factor, you’ll need another GUI. Ac¬ 
cording to the people at the MlnlGUl consortium, 
MlnlGUl Is a mini graphical user Interface (GUI) sup¬ 
port system for Linux which provides an event-driven 
API for applications. MlnlGUl provides an application 
the ability to create multiple windows In multiple 
threads, and can draw In these windows without In¬ 
terfering with each other. MlnlGUl 0.3.xx has a 
Graphics Abstract Layer (GAL) and an Input Abstract 
Layer (lAL), so MlnlGUl can run on many Graphics 
Engines, Including SVGALlb and LlbGGl. By using 
GAL and lAL, MlnlGUl applications can run on X 
Windows as well. The MlnlGUl consortium also states 
that this makes debugging of applications and port¬ 
ing to other hardware easier. MlnlGUl provides native 
support for many Image types Including GIF, JPG, 
PCX, LBM/PBM, and BMP, support for TrueType and 
Adobe Typel fonts, and support for GB2312 and 
B1G5 charsets. MlnlGUl Is available as LPGL soft¬ 
ware, so It’s for all the family. More Information Is 
here: http://www.mlnlgul.org/ 
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NetBSD: Port it here, Port it there, 


Ok, It’s been around 6 months since the last release, 
but the NetBSD team have been busy beavers. For 
the minority reading this who don’t know, NetBSD Is 
a free, open source, highly portable, UNlX-llke operat¬ 
ing system available for many platforms, from 64-blt 
AlphaServers to handheld devices. Its followers are 
people who enjoy clean design and advanced fea¬ 
tures, and NetBSD Is known for Its reliability In pro¬ 
duction environments and Its Interest for research 
groups. NetBSD runs on thirty different system archi¬ 
tectures featuring eleven distinct families of CPUs, 
and Is being ported to more. But then, you knew that 
http://www.netbsd.org/ Is, of course, home. 



If you have any experiences us¬ 
ing Linux that you would like to 
share with other AUUGN read¬ 
ers, drop us a line at: 

auugn@auug. org. au 
We’d love to hear from you! 
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linux.conf.au 

Con Zymaris 
conz @ cyber.com.au 


The forthcoming Linux technical conference, 
llnux.conf.au, Is shaping up to he a most Interesting 
event. The number of Interesting talks scheduled 
makes for compelling reason to attend. Even for those 
not using Linux, there are a plethora of worthwhile 
subjects covered. Including Perl, Gnome, Security, 
DNS, MTAs, clusters, 2D/3D graphics, H.323 
comms, rsync, docbook and documentation of Open 
Source projects. I’ve Included the list here, as It was 
released by the conference organisers at the time of 
writing. 

Keynote Speakers 

Alan Cox, Dave Miller, Tridge 


Papers 

Cluster System Administration and GFS 
- John Goebel, Ken Preslan 


The Debian packaging system 

- Wlchert Akkerman 

This talk will explain the workings and design of the 
Debian packagemanagement system. This system 
consists of a lot of compononts that work together to 
provide an comprehensive system for managing a Li¬ 
nux or other Unix-like system.lt will cover ever 5 Thlng 
from the lowlevel tools to manipulate packages to 
friendly user Interfaces and utilities to make packag¬ 
ing easier. 

e-smith server and gateway 

- Klrrlly ’Skud’ Robert 

The e-smlth server and gateway Is a GPL’d llnux dis¬ 
tribution aimed at small to medium sized organisa¬ 
tions who require Internet services (mall, web server, 
proxies, collaboration tools, etc) without the sysad¬ 
min requirements of a general purpose Linux system. 
It Is quick and easy to Install, and Is administered 
primarily via a web Interface.Thls presentation takes 
a look at the technology underlying the e-smlth 
server and gateway system, and discusses some of 
the challenges faced by e-smlth In building an Open 
Source community of developers and users. Klrrlly 
"Skud" Robert (will have, by the time of the confer¬ 
ence) recently started working for e-smlth In Ottawa, 
Canada. 

GCTP and OpenFlock 

- David L. Slfry 


Gimp 1.2 & 2.0 
- Tuomas Kuosmanen 


Globally Distributed Content 

- Horms (Simon Horman) 

Electronic content made available over the Internet Is 
becoming Increasingly Important for providers and 
users alike. To provide the best possible service to 
end users It Is desirable for content to be network-- 
wise as close to client hosts as possible. Static mir¬ 
rors of sites are one means of distributing traffic be¬ 
tween sites and giving users the opportunity to con¬ 
nect to a site that will give them a good 
response. Instead of users manually selecting a mir¬ 
ror, It makes sense for the service provider to auto¬ 
matically direct clients to a site that will offer them 
good performance, that Is to have a load balancing al¬ 
gorithm In place. Once such algorithm Is to select cli¬ 
ents based using BGP to select which site has the 
least cost path to a given client. This paper will exam¬ 
ine the Implementation of such an load balancing 
scheme. 

Hardware accelerated image blending, rendering, scal¬ 
ing, anti-aliased text rendering - a reality on your 
desktop 

- Rasterman (Carsten Haltzler) 

Quietly In the bowels of some CVS repository In a gal¬ 
axy far far away some code has been brewing... The 
results? Antl-allased text In X with full hardware ac¬ 
celeration AND optimized software paths Included, 
hardware accelerated Image scaling and blending, to 
make stunning user Interfaces on the Linux desktop 
a reality. This paper will cover what was needed to get 
this far, the pitfalls of working on such a project and 
the great benefits and how to take advantage of the 
work that has gone Into this. 

How To Remotely Build and Manage a Linux Solution 
(or How Open Source Software Keeps Me From Driving 
to the CoLo at 3 AM) 

- Gregory J. Pryzby 

Linux Is growing In popularity. Reason differ, but 
commodity hardware and open source software (OSS) 
are two reasons. Both drive the total cost of owner¬ 
ship (TOO) down. If 1 can manage the systems re¬ 
motely and more efficiently, the TOO drops 
agaln.Uslng two OSS projects, VACM 
(http://vacm.sourceforge.net/) and Systemlmager 
(http://systemlmager.sourceforge.net/), 1 can re¬ 
motely Install, update, rebuild and power cycle sys¬ 
tems. Once the systems are Initially Installed, there Is 
no requirement for physically access the systems. All 
the changes and management required can be done 
over the Internet, securely-- even BIOS changes. 

Is 2D graphics the next killer appfor Linux? 

- Raph Levlen 

The compelling technical strengths of Linux and 
other free software systems In multitasking and net¬ 
working have brought ft considerable success In the 
area of Web servers. In this presentation, 1 demon¬ 
strate that the similar technical strengths free soft¬ 
ware Is gaining In 2D graphics, and argue that this 
area could be the next "killer app" for Linux. 
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IA64 Linux 

- Stephane Eranlan 

The Linux Device FUesystem 

- Richard Gooch 

The Device File-System (devfs) provides a powerful 
new device management mechanism for Linux. Un¬ 
like other existing and proposed device management 
schemes, It Is powerful, flexible, scalable and 
efflclent.lt Is an alternative to conventional dlsc-- 
based character and block special devices. Kernel de¬ 
vice drivers can register devices by name rather than 
device numbers, and these device entries will appear 
In the file-system automatically. 

Linux Standard Base 
Christopher Yeoh 

I’ll talk about the goals and reasons behind the devel¬ 
opment of the Linux Standard Base. The presentation 
will cover the current status of the specification, test 
suites and sample Implementatlon(s). Also discussed 
will be a summary of the current compliance of the 
different distributions, and POSIX compliance of the 
latest kernels and gllbc versions. It will describe port¬ 
ing and development of the test suites on Linux as 
well as their use as a general regression testing tool 
for kernel development. 

Leases & Directory Notification 

- Matthew Wilcox 

This paper describes how the Linux kernel was ex¬ 
tended to supply Leases & Directory notifications to 
applications. Leases allow an application to be noti¬ 
fied when a file Is modified, allowing that application 
the opportunity to cache changes until such time as 
they must become visible to others. Directory notifi¬ 
cation allows an application to be notified when the 
contents of a directory change. 

Memtest: Finding holes in the VM system 

- Juan J. Qulntela 

This paper describes the development of a test suite 
for the VM subsystem and several of the resulting 
programs In detail. A proposal for dealing with the 
shown bottlenecks are made. This suite of programs 
Is called memtest. The suite Is composed of several 
programs that generate different kind of lO and 
memory loads, such as writing big files (mmap*), us¬ 
ing a lot of shared memory (Ipc*), programs that do a 
lot of memory allocatlons/frees (mlsc*). This test suite 
Is not usable for benchmarking. It Is used to find 
bottlenecks. 

OpenH323 

- Craig Southeren 

Craig Is the co-founder of the Openfont23 project, an 
Open Source project that has been In operation for 
over two years. The code Is currently In use by major 
vendors such as Nortel and provides the only Open 
Source H.323 protocol Implementation 
available. H. 323 Is the protocol used for video and 
voice conferencing by programs such as NetMeetlng. 
We can, and have, been using Linux as our primary 
developmnent platform and have been making voice 
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and video calls over the planet via the Internet for 
over a year. 

Perl 6 

- Klrrlly ’Skud’ Robert 

In July 2000, at The Perl Conference 4.0, Larry Wall 
announced that development would begin on Perl 6. 
The primary Intention was to Improve the Internal 
code of the Perl Interpreter and make It easier to ex¬ 
tend and Improve. At the same time, the Perl develop¬ 
ment process would be restructured to (hopefully) en¬ 
courage more Input from the Perl community and to 
otherwise Improve the way In which Perl Itself was 
developed.Thls presentation reviews the first few 
months of Perl 6 development. Including the changes 
to the Perl community and development process, the 
Perl RFCs submitted as part of the pre-design brain¬ 
storming, the current state of Perl 6’s design, and the 
future of the project and of Perl Itself Klrrlly "Skud" 
Robert Is the chair of the Perl 6 language design 
working group, and Is actively Involved In the Perl 
community. 

Porting device drivers to the Linux 2.4 kernel 

- Jonathan Corbet 

Rproxy 

- Martin Pool 

Caches are used to good effect on today’s web to Im¬ 
prove response times and reduce network usage. For 
any given resource, such as an HTML page or an Im¬ 
age, the client remembers the last Instance It re¬ 
trieved, and It may use It to satisfy future requests. 
However, the current-system Is all-or-nothing: the re¬ 
source must either be exactly the same as the cached 
Instance, or It Is downloaded from scratch.A far better 
approach would be for the server to download a de¬ 
scription of the changes from the old Instance to the 
new one: a ‘dlff or ‘delta’, rproxy adds backwards-- 
compatlble extensions to HTTP that come Into opera¬ 
tion when two parties to a web request understand 
the ‘hs 3 mc’ encoding, rproxy can be Inserted as a 
stand-alone proxy so that neither the server nor cli¬ 
ent need be changed. We plan to Integrate the rproxy 
Into popular web software Including Squid and 
Mozllla In the near future. 

Rsync, TDB, Gzip and Apt-Proxy: A Hacker’s Tale 

- Rusty Russell 

This meandering talk will discuss one humble coder’s 
attempt to reduce bandwidth consumption of 
constantly-upgrading Deblan users In the Llnuxcare 
OzLabs office. It will follow this hacker’s journey from 
one quick hack (apt-proxy) to a more significant hack 
(gzlp --rsyncable), climaxing In a series of modifica¬ 
tions to rsync Itself Including a minor tour Into An¬ 
drew Trldgell’s Tiny DataBase. It shows how a series 
of small, persistant hacks have the power to change 
the world as we know ft. Or not. 

Scratching An Itch, With and Without Help 
-Hugh Blemlngs 

This paper examines open source projects with par¬ 
ticular reference to the different challenges that come 
from working with and without hardware vendor 
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support. To provide context a discussion of the 
"Scratching An Itch" principle of open source develop¬ 
ment will he presented. The principle "without" case 
examined Is gnokll, an open source project that pro¬ 
vides tools and drivers for NoklafTM) mobile phones 
under Linux, BSD and other operating systems. The 
primary "with" case presented Is the process of writ¬ 
ing Linux kernel drivers for the KeyspanfTM) range of 
USB to serial adapters. 

Too Little, Too Slow: Linwc 2.5 Memory Management 

- Rlk van Riel 

In Linux 2.5 virtual memory management will see 
some considerable changes. One of the main prob¬ 
lems with the current Linux memory management Is 
that sometimes we cannot make a proper distinction 
between pages which are In use and pages which can 
be evicted from memory to make room for new 
data. In order to Improve that situation and make the 
VM subsystem more resilient against wildly variable 
VM loads, we will use Ideas from various other oper¬ 
ating systems to Improve Linux memory manage¬ 
ment. The main page replacement routine will use 
the active. Inactive and scavenge (cache) lists as 
found In FreeBSD. This mechanism maintains a bal¬ 
ance between used and old memory pages so there 
will always be "proper" pages around to swap. In ad¬ 
dition to this there will probably be things like dy¬ 
namic and administrator settable RSS limits, anti 
hog code to prevent one user or process from hogging 
the machine and slowing down the rest of the ma¬ 
chine and per-user memory accounting. 

Userspace: The Final Frontier, or "Fear and Loathing 
In sysdeps/hppa/" 

David Hugglns-DalnesSo, your port of Linux to a new 
architecture works. The kernel cross-compiles, links, 
and boots on your hardware. You’ve Implemented 
system calls and memory management, and managed 
to boot It Into a shell prompt. You’ve ported Ethernet 
and SCSI drivers and built a few simple programs so 
you could test them. Wow! Isn’t that cool? So, what 
do you do next?Thls talk Is about bootstrapping the 
GNU system on a new port of Linux. This Includes a 
discussion of kernel support for userspace. Interac¬ 
tions between GNU llbc and the kernel, and, last but 
not least, ELF dynamic Unking. It draws on my expe¬ 
riences bootstrapping Deblan GNU/Llnux on the port 
of Linux to the PA-RISC architecture. 

YAMA (Yet Another Mail Architecture) 

- Mlkolaj J. Habryn 

Mlkolaj presents YAMA (Yet Another Mall Architec¬ 
ture), featuring 350k users, geographic redundancy, 
no license fees and a case study In large clustered 11- 
nux systems running open source software doing real 
work.Also touching on how to deploy and manage 
distributed clusters counting hundreds of Individual 
member servers without an operations or administra¬ 
tion team, and some of the trials and tribulations 
(mostly technical, some political) Involved In getting 
such an "alternative" system accepted. 


Work in Progress Presentations 
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bewdy, Maaate! 

Silvia Pfeiffer 

MPEG Maaate Is an audio analysis toolkit for MPEG- 
encoded audio files, bewdy Is a graphical user Inter¬ 
face to play around with the analysis modules and re¬ 
sults of the MPEG Maaate libraries. MPEG Maaate 
has has been published under the GNU GPL and can 
be found under 

http: / /WWW. cmls.cslro.au/dmls/Maaate/. With the 
vast amount of multimedia data online, content-- 
based access to multimedia files becomes more and 
more Interesting to users. One type of multimedia 
files widely used nowadays are MPEG-encoded audio 
files (MPEG-1 layers 1, 2, 3 (MP3)). MPEG Maaate 
supports the extraction of structure and content of 
such audio files. 

GEGL: An Advanced, Flexible 2D-lmaging Library 

- Manlsh Singh 

In the field of digital Imaging, there are myriad ways 
to store and represent Image data. Many of the algo¬ 
rithms used for processing Image data are the same, 
regardless of the data format. However, to efficiently 
and accurately process such data, the code should 
handle that data format natively. Creating and main¬ 
taining a library of algorithms by hand for each for¬ 
mat you want use Is time consuming and error 
prone. Enter GEGL. GEGL defines a generic way of de¬ 
scribing an Image processing algorithm, so you only 
write the code for It once. It will then autogenerate 
the code for the specific Image format cases you want. 
To handle a new format, one just needs to write a 
backend specification. Instead of relmplementlng all 
the algorithms by hand. The algorithm descriptions 
themselves are simple and managable, but you get 
fast, optimal code autogenerated. This Is similar In 
vein to the approach GCC takes as a retargetable 
compiler. 

irc++ 

- Liam Quin 

Internet Relay Chat (IRC) provides an International 
textual chat facility used by hundreds of thousands 
of people world wide. As IRC has grown, problems 
have become apparant both In the scalability of the 
Implementalton and In the network protocl It 
uses.Thls paper describes these problems In more de¬ 
tail and also Introduces new software (lrc++) Intended 
to address these problems. The lrc++ system Is com¬ 
patible with existing IRC clients, and also provides 
some MUSH/MUD/MOO-llke facilities. 

Outdoor Augmented Reality With Wearable Computers 
Running Linux 

- Wa 5 me Plekarskl 

This paper describes In detail the research work be¬ 
ing performed at the Wearable Computer Lab In the 
University of South Australia. Our primary research 
work Is being performed In the area of Augmented Re¬ 
ality (AR). AR Is the process of overlaying computer-- 
generated graphics over the real visible world In real 
time. It Is similar to current virtual reality (VR) tech¬ 
niques, except the displays used are transparent. Us¬ 
ing portable wearable computers. It Is possible to 
build an AR system to take outdoors, allowing us to 
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visualise structures that only exist In a computer, 
along with the real world, at the same time. 

State of SparcLinux on high-end sewers 
- Anton Blanchard 

From Anton’s submission: "We got SparcLinux to 
hoot on a sun El Ok a few weeks ago and 1 am looking 
Into supporting such large machines hetter. This In¬ 
cludes scaling hetter with large numbers of cpus but 
also supporting hot swapping of cpus, RAM and 
devices. "Anton has now been poked for a more de¬ 
tailed summary. Thanks to all avid pokers out there, 
you may stop now. 

TLB Sharing In LA-64 Linux 
Alan Au, Gernot Reiser 

It Is well known that TLB miss handling and hence 
TLB coverage Is often a crucial bottleneck In overall 
operating system performance. This fact Is becoming 
compounded by TLB sizes that have not scaled along 
with a trend towards Increasingly larger memory sys¬ 
tems. The traditional approach to Increasing TLB cov¬ 
erage Is to use larger page sizes. However, this solu¬ 
tion Is non-general and, worse still, leads to possible 
adverse paging effects. Intel’s newly released lA-64 
architecture provides unique system features which 
allow memory translation and protection to be done 
orthogonally. By using this support and drawing on 
aspects of single address space operating system (SA- 
SOS) technology, a novel memory managment 
scheme for Improving TLB coverage In Linux Is pre¬ 
sented here. 


Tutorial Sessions 

Bonobo, the GNOME component model 

- George Lebl, Maclej Stachowlak 

This will be a larger-format tutorial style workshop on 
Bonobo, the GNOME component model. Both the 
theory behind Bonobo and CORBA and detailed ex¬ 
amples will be discussed. It Is Intended for people 
falmlar with GNOME programming wishing to use 
Bonobo In their applications. Here Is an brief outline 
of the workshop. Time for Q & A will be given at the 
end of each section. 

How to maintain DNS, DHCP and YP tables from a 
unique host file 

- Marc Merlin 


Introduction to using DocBookfor application documen¬ 
tation 

- Malcolm Tredlnnlck 

Learning to use the DocBook DTD, and derivatives 
thereof, presents a reasonably steep Initial learning 
curve. For many people who use DocBook for writing 
articles and books, the solution Is often to read one of 
the many Introductory tutorials available on the In¬ 
ternet or to leverage some previous (open source) 
document and use It as a template. 


Using CVS 

- Malcolm Tredlnnlck 

CVS Is used throughout Open Source community as 
a means of providing up-to-the-minute sources for 
users and coordination amongst developers. Many or¬ 
ganisations also use It Internally for their developers, 
since, once setup correctly. It requires very little work 
on a day-to-day basis. 


Birds of a Feather Sessions 

Debian 

Wlchert Akkerman 

Documentation 
Malcolm Tredlnnlck 

Security+ 

Peter Nixon 

Universal Serial Bus 
Brad Hards 
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Interfacing with Java 
from PHP 

Author: Bard Farstad 


PHP4 ext/java provides a simple and effective means 
for creating and Invoking methods on Java objects 
from PHP. This article will give you a quick tutorial 
on how to use the PHP Java extension. 


42 + 4 = 46 
IQQl - 42 = 95Q 
1Q24* 4 = 4096 
1024/4 = 2S0 

Type ttvo numbers: 



Screenshot of Java and PHP in action. 

As you probably know PHP lacks some object ori¬ 
ented functionality. It has the basics, but stuff like: 
virtual functions, destructors, function overloading 
and private functions/variables are missing. Still PHP 
has many benefits, and it is a great language to use 
for website building. This article will demonstrate the 
ability PHP has to interface with a java class, using 
the java extension to PHP. 

So what is ext/java? The README file that comes 
with ext/java has the following definition: 

PHP4 ext/java provides a simple and effective means 
for creating and invoking methods on Java objects 
from PHP. The JVM is created using JNl, and every¬ 
thing runs in-process. 

The Java extension is written and maintained by Sam 
Ruby. For details about how to install ext/java see 
the README file which comes with PHP. The readme 
file is also listed in full at the last page of this tuto¬ 
rial. 

Java and PHP 

In this small tutorial 1 will show you how to make a 
simple calculator using a java class to calculate the 
results and PHP to present the results and interface 
with the user. The example code can be tested here. 

We will first start with the calculator class. I’ve called 
the class eZCalc. The code is shown below: 


public class eZCalc 

{ 


float NumberA, NumberB; 

public eZCalc( ) 

{ 

NumberA = 1; 

NumberB = 1; 

} 

public void setA( float a ) 

{ 

NumberA = a; 

} 

public void setB ( float b ) 

{ 

NumberB = b; 

} 

public float multiply 0 

{ 

return NumberA * NumberB; 

} 

public float divide 0 

{ 

return NumberA / NumberB; 

} 

public float add() 

{ 

return NumberA + NumberB; 

} 

public float subtract!) 

{ 

return NumberA - NumberB; 

} 

} 

The magic 

I’ve decided not to use templates in the .php file due 
to simplicity. If you want to know more about how to 
separate the html tags from the PHP code you can 
read the article about block templates here 

The contents of the PHP file is shown at the end of 
the article as a whole. Study this code and 1 will try to 
explain the basic behavior of the code. 

First off 1 want to mention the fact that you can In¬ 
stantiate Java classes and use them as PHP objects 
directly In the PHP code. The code snippet below 
shows how you can instantiate the eZCalc class into 
a PHP object called $calc. You can call member func¬ 
tions on the $calc object directly, as shown in the ex¬ 
ample. Note that you should manually set the type of 
the PHP variables sent as arguments to the Java ob¬ 
jects. This is due to the large difference in types be¬ 
tween PHP and Java. The example below demon¬ 
strates how you set the values used for calculation in 
the Java object. 


// create a new java object, $calc 
$calc = new Java ( "eZCalc" ); 

// force the type to be compatible with 
Java types 
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$nuriiberl $operator $nuriiber2 = 


setType ( $numberl, "double" ); 
setType ( $number2, "double" ); 
$calc->setA( $numberl ); 

$calc->setB ( $number2 ); 

Now lets see how the calculation works. First off we 
have four calculation types In our calculator; add, 
suh, mul and dlv. We switch on the different types 
and call up the $calc object with the correct calcula¬ 
tion type, e.g. $result = $calc->suhtractO;. Here the 
Java object returns the value calculated Inside the 
Java object. 

In this example 1 have only used simple types to com¬ 
municate between Java and PHP. You can also ex¬ 
change arrays between Java and PHP. Objects cannot 
be exchanged between PHP and Java. 

$operator = 

switch( $calctype ) 

{ 

case( "add" ): 

$result = $calc->add(); 

$operator = 
break; 

case( "sub" ) : 

$result = $calc->subtract (); 

$operator = 
break; 

case( "mul" ): 

$result = $calc->multiply(); 

$operator = 
break; 

case( "div" ) : 

$result = $calc->divide (); 

$operator = "/"; 
break; 

} 

Source listing 

The full source code for the example is listed below. 

<html> 

<head> 

<tltle>The fantastic java calculator</tltle> 

</head> 

<body> 

<?php 

$result = 0; 

lf( lsset( $numberl ) && lsset( $number2 ) ) 


} 

$stack .= 

$result<br>"; 

print ( "<h2>$stack</h2>" ); 

} 


?> 

<hl>Type two numbers:</hl> 

<form action="ezcalc.php" method="post"> 

<table bgcolor="#eeeeee" cellspacing="0" 
cellpadding="3" border="0"> 

<tr> 

<td> 

Number 1: 

</td> 

<td> 

Calculation method: 

</td> 

<td> 

Number 2: 

</td> 

</tr> 

<tr> 

<td> 

<input type="text" 

name="number1"> 

</td> 

<td> 

kselect name="calctype"> 
koption 

value="add">Add</option> 

koption 

value="sub"> Subt ract k/option> 

koption 

value="mul">Multiplyk/option> 

koption 

value="div">Dividek/option> 

k/select> 

k/td> 

ktd> 

kinput type="text" 

name="numbe r2"> 

k/td> 

k/tr> 

k/table> 

kinput type="Submit" value="Calculate"> 
kinput type="hidden" value="k?php print( 
$stack ) ?>" name="stack"> 

k/form> 
k/body> 
k/html> 


This article is re-printed with permission. The original 
can be found at www.zez.org 


$calc = new Java( "eZCalc"); 
setType! $numberl, "double"); 
setType! $number2, "double"); 
$calc->setA! $numberl ); 

$calc->setB! $number2 ); 

$operator = 
switch! $calctype) 

{ 

case! "add"): 

$result = $calc->addO; 

$operator = 
break; 

case( "sub" ): 

$result = $calc->subtract(); 

$operator = 

break; 

case( "mul" ): 

$result = $calc->multiply(); 

$operator = 

break; 

case( "div" ): 

$result = $calc->divide(); 

$operator = "/"; 

break; 
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Fun with Regular Ex¬ 
pressions 

by Adrian J. Chung 
ajchung@email.com 

Many of the text processing GNU tools Include a pow¬ 
erful pattern matching mechanism called Regular Ex¬ 
pressions. A more or less complete Implementation Is 
supported hy a utility called "egrep". Other text utili¬ 
ties such as "gawk" also support regex’s. Some tools 
like "sed" and "grep" support an older less powerful 
regex syntax. Perl Implements a regex variant that 
has proven so popular that the same syntax Is used 
In Python regex’s. 

For the rest of this article we’ll he using the POSIX 
standard regular expressions as supported hy 
"egrep". 

"egrep" Is a tool that searches for substrings. The fol¬ 
lowing command will output the lines of the 
/etc/lnlttah file that contain the string "Inl". Note 
that "Inl" does not have to appear as a word hy Itself 

$ egrep ini /etc/inittab 

We can search for digit strings also: 

$ egrep 321 /etc/termcap 

One may he Interested only In the lines that start 
with the given target string. We use the special char¬ 
acter ^ which will match the heglnnlng of a line. To 
search a dictionary for words that start with "rege": 

$ egrep ^rege /usr/dict/words 

Similarly, special character $ can he used to match 
the end of a line. We can now answer the age old 
question -- what words end In "gry"? 

$ egrep 'gry$' /usr/dict/words 

The single forward quotes are needed to prevent the 
command shell (hash In this case) from Interpreting 
the special characters before passing them to egrep. If 
you want to match any of these special characters so 
that they no longer have any special Interpretation 
within egrep, precede them with a backslash: 

$ egrep '\^Q' /etc/termcap 

This matches a two character substring of ^ followed 
by "Q". 

A single period matches any single character. To find 
all three letter words starting with "p" and ending 
with "n": 

$ egrep '^p.n$' /usr/dict/words 

Note that this pattern matches both the start and end 
of the line In order to force an exact match rather 
than just a substring, "egrep" has an option to enable 


this behavior so that the ^ and $ become unneces¬ 
sary: 

$ egrep -x 'p.n' /usr/dict/words 

Sometimes the period Is too general and one needs to 
match a more restricted range of characters. This 
command: 

$ egrep 't[aeiou]p$' /usr/dict/words 

outputs all words containing "tap", "tep", "tip", "top", 
or "tup". Instead of enumerating all matching charac¬ 
ters, a range can be specified: 

$ egrep ':[3-5][0-9]/etc/termcap 

Date stamps where the minutes field Is In the latter 
half of the hour are extracted. Ranges also work with 
letters: 

$ egrep '^[n-t].[aeiou]$' 

/usr/diet/words 

This finds all three letter words beginning with the 
letter "n", "o", "p", ..., or "t", and ending with a vowel. 
Ranges and enumeration may be mixed: 

$ egrep -x '.[aeit-z]' /usr/dict/words 

lists all two letter words ending In "a", "e", "1", or any 
letter from "t" through to "z". If the leftmost character 
between the [] Is a ^ then the match Is negated: 

$ egrep -ix ' [^n-t] [^aeiou] 
/usr/dict/words 

finds all three letter words beginning In any character 
other than the letters "n" through "t", with a conso¬ 
nant for the second letter. The "-1" option makes the 
match case Insensitive. Words like "Sri" and "DEC" 
are omitted. 

The ’\<’ and ’\>’ combinations match the beginning 
and end of complete words respectively: 

$ egrep '\< r' /etc/passwd 

matches lines that contain words beginning with "r". 

$ egrep 't\>' /etc/inittab 

matches lines with words ending In "t". 

The * Is a repetition operator. Any pattern that Im¬ 
mediately precedes It, can match zero or more times: 

$ egrep 'ho*t$' /usr/dict/words 

matches word such as "fight", "hot", and "hoot". It will 
even match "hooooot" If It were In the dictionary. 

$ egrep '^s.*ho*t$' /usr/dict/words 

shows the effect of * on special patterns like the 
single period. It Is the equivalent of having zero or 
more periods In the regular expression. Words like 
"sleight", "snapshot", and "sharpshoot" match. 
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$ egrep -ix ' [^e]*e[^e]*' 

/usr/diet/words 

finds all words that use exactly one "e" 

$ egrep -ix '[a-ep]*' /usr/dict/words 

finds all words spelt using the letters "a","h", "c", "d", 
"e", and "p" only. Slmllary, + makes the preceding 
pattern match one or more times. Expression ’ot+o$’ 
Is equivalent to ’ott*o$’. 

$ egrep '^s.*ho+t$' /usr/dict/words 

matches "shot" and "shoot" hut not "sleight". 

$ egrep -i 'f.+f' /usr/dict/words 

lists words that contain two non-adjacent fs. 

Here are some more repetition operators. List all 
three letter words: 

$ egrep -x '.{3}' /usr/dict/words 
All words at least 19 letters long: 

$ egrep -x '.{19,}' /usr/dict/words 

And words hetween 11 and 14 letters In length, Inclu¬ 
sive: 

$ egrep -x '.{11,14}' /usr/dict/words 

Find words with at least 4 consecutive vowels: 

$ egrep ’[aeluo]{4}’ /usr/dict/words 

Find a word with six consecutive consonants, exclud¬ 
ing "y": 

$ egrep -1 ’[''aelouy]{6}’ /usr/dict/words 

(People that frequent central London will know this.) 

The ? Is equivalent to {0,1}: 

$ egrep -x ’po?l.’ /usr/dict/words 

matches "ply", "pole", "poll" and "polo", but not 
"pools". 

A I In the regular expression acts like a boolean OR: 

$ egrep -lx ’p.nib.+ght’ /usr/dict/words 

outputs words matching either ’p.n’ ("pin", "pan", etc) 
or ’b.+ght’ ("brought", "blight", etc.) 

$ egrep -x ’b(ealoo).’ /usr/dict/words 

matches "bead" and also "book". Patterns joined with 
I need not be the same length: 

$ egrep ’''s(hal o)p’ /usr/dict/words 

matches both "shape" and "soprano". Note the use of 
rounded brackets to delimit the reach of the I 


operator. The () can also define the scope of the rep¬ 
etition operators: 

$ egrep -i '({aeiou]{^aeiou]){7}' 

/usr/diet/words 

lists words with 7 alternations of vowel and conso¬ 
nant. 

$ egrep -ix ' {^s]*s({^s]+s) {2, } {^s]*' 
/usr/dict/words 

finds all words containing at least 3 occurances of the 
letter "s", none of which are adjacent to each other. 

Parenthesis have another Important use. Any text 
that matches the pattern enclosed In the () Is stored 
temporarily. This text can then be referred to later In 
the same expression. In the following command the 
parenthesis encloses a pattern matching any single 
vowel: 

$ egrep ' ( {aeiou])\1' /usr/dict/words 

The \ 1 now refers to whatever vowel that was 
matched, hence this regex matches words containing 
"aa", "ee", "11", "oo", or "uu". When there Is more than 
one pattern In parenthesis, the matched text Is refer¬ 
enced by \1, \2, etc. 

$ egrep -x ' (.) (.)\2\1' /usr/dict/words 

matches words like "deed", "noon", etc. Each (.) 
matches a single letter, and the \2\1 must match 
these same letters but In reverse order In which they 
previously appeared. 

$ egrep -ix '(.)(.)(.).*\3\2\1' 

/usr/diet/words 

lists words whose last three letters are the same as 
the first three letters reversed. 

A more complicated example: 

$ egrep '^ (. ) .+\1\1.+\1$' 

/usr/diet/words 

What does It do? It returns words like "enfeeble", 
"gagging", and "sicknesses". The parenthesized pat¬ 
tern matches the first letter In the word. Any match¬ 
ing text must also end In this letter, and must also 
contain this same letter doubled somewhere In the 
middle. 

Patterns within parenthesis can be of any length: 

$ egrep -i '(.{5}).+\l' /usr/dict/words 

lists words that contain a subsequence of 5 letters 
more than once. 

And finally a really advanced example: 

$ egrep -ix '(.).*(\l.+).*\2' 

/usr/diet/words 

find words whose last few letters are also found, adja¬ 
cent and In the same order, somewhere In the middle 
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of the word; the Initial letter of this group also helng 
Identical to the first letter of the word. 

For more details see the "regex" Info page, regex(7) 
man page (hy typing "man 7 regex"). Also the "awk" 
and "egrep" documentation Is worth checking out. 

This article is re-printed with permission. The original 
can be found at: 

http: //thellnuxgurus.org/regexp.html 

Becoming More Ad¬ 
vanced in the Bash 
Shell 

Author: Sam Rowe 
deadman@deadman.org 

If you’ve ever used GNU/Linux, chances are good that 
you’ve used hash. Some people hold the hellef that 
using a GUI Is faster than using a CLl. These people 
have obviously never seen someone who uses a shell 
proficiently. In this tutorial, 1 hope to show you just a 
few of the amazing features hash provides that will 
Increase your productivity In the shell. Bang Bang 
and history 

Everyone knows about bash history, right? You’d be 
surprised. Most modem distributions come with bash 
history enabled and working. If you’ve never done so 
before, try using the up and down arrow keys to 
scroll through your command history. The up arrow 
will cycle through your command history from newest 
to oldest, and the down arrow does, well, the op¬ 
posite. 

As luck would have It, different terminals handle ar¬ 
row keys differently, so the brilliant minds behind 
bash came up with additional methods for accessing 
and making use of the command history. We’ll start 
with history. This command simply gives you a num¬ 
bered list of the commands you’ve entered with the 
oldest command having the smallest number. Simple 
right? 

Here’s an example of history output: 

190 ps -axu I grep htt 

191 /www/bin/apachectl start 

192 vi /usr/local/lib/php.ini 

193 cat /www/logs/error_log 

194 ps -auxw I grep http 

195 pwd 

This brings us to bang-bang or !!. !! tells bash "repeat 
the last command 1 entered." But the magic doesn’t 
stop there. If you order now, you’ll also receive !xyz. 
!xyz will allow you to run the last command begin¬ 
ning with xyz that you typed. Be sure to add enough 
to the abbrevlahon to make It unique or you could 
run Into problems, for Instance: If you ran trn then 
tar xvzf mozllla.tar.gz and then tall ransom-note and 
typed !t you’d be looking at the ransom note again 
when you actually wanted to be reading news again. 
!tr Is just enough to be unique and give you a much 


better chance of hitting your targeted command. :p 
Isn’t just an emoticon 

If you need to be very sure of the command you’re 
targeting, :p can be a huge help. !xyz:p will print the 
command that would be executed rather than execut¬ 
ing It. :p Is also clever enough to add the printed 
command to your history list as the last command 
executed (even though It didn’t execute It) so that. If 
you decide that you like what was printed, a !! Is all 
you need to make It happen cap’n. 

Bash provides a couple of methods for searching the 
command history. Both are useful In different situa¬ 
tions. The first method Is to simply t 5 q)e history, find 
the number of the command you want and then type 
!N where "N" Is the number of the command you’d 
like to execute. (:p works here too.) The other method 
Is a tad more complex but also adds flexlbllty. ctrl-r 
followed by whatever you type will search the com¬ 
mand history for that string. The bonus here Is that 
you’re able to edit the command line you’ve searched 
for before you send It down the line. While the second 
method Is more powerful, when doing some redun¬ 
dant task. It’s much easier to remember !22 than It Is 
to muck with ctrl-r type searches or even the arrow 
keys. Bang dollar-slgn !$ Is the "end" of the previous 
command. Consider the following example: We start 
by looking for a word In a file 

grep -i joe 

/some/long/directory/structure/user- 
lists/list-15 

If joe Is In that userllst, we want to remove him from 
It. We can either fire up vl with that long directory 
tree as the argument, or as simply as 

vi ! $ 


A word of caution: !$ expands to the end word of the 
previous command. What’s a word? The bash man 
page calls a word "A sequence of characters consid¬ 
ered as a single unit by the shell." If you haven’t 
changed anything, chances are good that a word Is a 
quoted string or a white-space delimited group of 
characters. What Is a white-space delimited group of 
characters ? It’s a group of characters that are sepa¬ 
rated from other characters by some form of white-- 
space (which could be a tab, space, etc.) If you’re In 
doubt, :p works here too. 

Another thing to keep In mind when using !$ Is that If 
the previous command had no agruments, !$ will ex¬ 
pand to the previous command rather than the most 
recent argument. This can be handy If, for example, 
you forget to type vl and you just type the filename. A 
simple vl !$ and you’re In. Circumflex hats 

Have you ever typed a command, hit return and a 
micro-second later realized that you made a typo? 
Seems like I’m always typing mroe filename. Luckily, 
the folks who wrote bash weren’t the greatest typists 
either. In bash, you can fix typos In the previous 
command with a circumflex (^) or "hat." Consider the 
following: 

vi /etc/Xll/XF86config 
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oops ! 
6c'^ 6C 


What happened there? The name of the file that 1 was 
trying to edit was /etc/Xll/XF86Conflg (note the 
capital "C.") 1 typed a lower-case "c" and vl saw my er¬ 
ror as a request for a new file. Once 1 closed out of vl 1 
was ahle to fix my mistake with the following formula: 
^error^correchon. 

Hats needn’t he only used for errors... Let’s say you 
have a few redundant commands that can’t he 
handled with a wildcard, hats will work great for you. 
For example: 

dd if=k.ern.flp of=/dev/fdO 
'^kern'^mf sroot 

A few handy movement commands 

Sometimes a mistake Is noticed before the enter key 
Is pressed. We’ve already talked about terminals that 
don’t translate cursor-keys properly, so how do you 
fix a mistake? To make matters worse, sometimes the 
backspace key gets mapped to or even worse 
something like ^[[~. Now how do you fix your mistake 
before hitting the enter key? 

Once again, bash comes through for us. Here are 
some of the movement keystrokes that 1 use most of¬ 
ten: ^w erase word erase from here to beginning of 
the line (1 use this ALL the time.) ^a move the cursor 
to the beginning of the line ^e move the curor to the 
end of the line 

There are more of course, but those are the ones you 
simply can’t live without. For those who don’t know 
the notation means ctrl+N. tab-tab 

One of my favorite features of bash Is tab-completion. 
Tab-completion works In a couple of ways. It can 
complete filenames In the current directory or In your 
$PATH. Like the Icommands above, you just need to 
give bash enough of the filename to make It unique 
and hit the tab key -- bash will do the rest for you. 
Let’s say you have a file In your home directory called 
ransom.note, consider the following: 

mor[tab] ran[tab] 

Will expand to 

more ransom.note 


Let’s say you also have a file named random In your 
home directory, ran above Is no longer enough to be 
unique, but you’re In luck. If you hit tab twice, bash 
will print the list of matching files to the screen so 
that you can see what you need to add to make your 
shortcut unique. Aliases 

Using aliases Is sort of like creating your own com¬ 
mands. You decide what you want to type and what 
happens when you type that. Aliases can live In a few 
of different places, ~/.bashrc ~/.bash_proflle 
~/.profile and ~/.aliases are some, but not all. In 
fact, you’re not really limited to keeping them all In 
once place. Those different flies behave differently 
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based upon what kind of shell you’re running, but 
that’s beyond the scope of this document. For the 
purposes of this discussion, we’ll settle on 
~/.bash_proflle (used for login shells.) 

In that file, usually at the bottom, 1 assemble my 
aliases. Here’s some examples: 

alias startx='startx 2>6<1 I tee ~/.Xlog &' 
alias ls='Is —color=auto' 
alias mroe='more' 
alias H='kill -HUP' 

alias getxcvs='CVS_RSH=ssh; export CVS_RSH; cvs - 
d anoncvs@anoncvs.xfree86.org:/cvs checkout xc' 

The bottom one will probably wrap, but It provides a 
great example of why aliases are great. A whole string 
of commands has been reduced to something short 
and easy to remember. 

1 hope this tutorial has been useful to you. The most 
difficult hurdle here Is not the learning curve, but 
simply becoming accustomed to using these bullt-lns. 
Just like learning vl, once you get good with these, 
you’ll be amazed you ever lived without them. 

This Is just the tip of the bash Iceberg. If you enjoyed 
this, you might want to look around the Net for more 
bash Information, or even buy a book! 

This article is re-printed with permission. The original 
can be found at www.deadman.org 
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Selling in the Bazaar : 
How Open Source 
Manages Code 

Author: Niramiai Rikishi 
nlramlal@myself. com 

The second In the series, this arhcle discusses the 
various models of open source software development 
and the reasons why open source projects succeed. 

In the first part of this series [1] we looked at some of 
the background that surrounds open source and soft¬ 
ware development. In this part, we will discuss and 
focus on successful open source projects and try to 
understand what makes them so successful. 

There are two well known open source development 
models. The first model. Is one most famously fol¬ 
lowed hy Linux [2] and In some sense Perl [3], It Is of¬ 
ten known as the benevolent dictator (BD) model. In 
this model, a well known authority or established fig¬ 
ure Is the overall controller of the entire project. Over¬ 
all design and long term decisions are taken by this 
person. All bug fixes, coding Issues and Implementa¬ 
tion details could be handled by associates or maln- 
talners for the Individual parts of the code. The name 
for this model stems from the fact that while the 
leader of the project chooses to remain neutral and 
evaluate proposals on their merit, once In a way, a 
particular design decision could be made by the dic¬ 
tator right against the code malntalners” choice. This 
privilege of pulling rank In an open source project Is 
used rather Infrequently. In the case of Linux, Linus 
Torvalds [4], guides the code and In many ways, the 
overall direction that the Kernel takes (note the Ker¬ 
nel != Linux). In the meantime, he has been content 
to let companies battle to position Linux In various 
positions, as they see fit. By being neutral to the vari¬ 
ous niches, he can avoid seeming to lean towards any 
particular company or distribution. Larry Wall [5] has 
also performed a similar role for Perl, although with 
recent versions of Perl notably Perl6 [6] this BD 
known as a language designer, albeit that term Is 
used as wine would be In a different bottle. This 
model Is highly adaptable and mobile. In the truest 
sense of the word, this model can allow developers to 
modify code quickly and easily to suit requirements. 
This model depends highly on the BD and his ability 
to foresee the eventual direction of the project, man¬ 
age design Issues and If the need arises apply bug 
fixes and write quality code. 

The other model Is the one adopted In various de¬ 
grees by OpenOfflce, Apache, Mozllla, Deblan [7] and 
the *BSD teams. In this scheme, there Is no clear fig¬ 
urehead leader or controller. A team of various people 
Involved In the project by their contributions, their 
skill and management abilities become co-ordlnators. 

In a common scenario. It would Imply that a core 
group of programmers actually are allowed to make 
design changes and set goals. A set of people at a 
lower level are allowed to commit code Into the CVS 
(Concurrent Versioning System) Repository that Is 
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maintained for the code. Thus, bug fixes, security Is¬ 
sues and other low level details can be maintained at 
a different level while the core group can concentrate 
on more Important Issues. In the case of each of the 
examples, a core group exists which Is usually com¬ 
posed of members of the community that are well re¬ 
spected. From time to time, the groups may recom¬ 
pose themselves [8] and add or delete members. From 
the evidence of the BSD lineage [9], this model Is 
prone to forking. A fork In an open source project oc¬ 
curs when key members are unable to agree on criti¬ 
cal design or Implementation Issues. Such members 
are then free to stop working with the current setup, 
and start on a new system altogether, using the cur¬ 
rent setup as a starting point. Forking, while seem¬ 
ingly negative and dangerous [10], actually leads to 
better focus and from the evidence that Is present 
[11], better code and better software. This model Is 
scalable and less prone to Individual Idiosyncrasies. 
Decisions on controversial Issues are mostly resolved 
by voting of some sort and thereby a fairer picture 
usually results. This scheme also allows for a much 
larger volunteer group to exist as the levels at which 
people Interact are much clearly structured, leading It 
to be easier to manage. 

In both the models, some common elements exist. A 
program Is developed In two clear phases. The first 
stage Is when the code Is considered "experimental", 
"bleeding edge" or alpha. At this point, various fea¬ 
tures that are being considered are publicly debated 
upon and argued passionately till some form of agree¬ 
ment Is reached. These discussions usually occur 
over mailing lists In which the eventual users and de¬ 
velopers are present. Once features are fixed, various 
developers across the world could either In Isolation 
or as part of a team write code that satisfies the re¬ 
quirements [12], This code Is then downloaded, com¬ 
piled, testing and sometimes even deployed by users, 
volunteers and developers worldwide. These develop¬ 
ment versions are often updated on a frequent basis 
and are usually distinguishable by a particular ver¬ 
sioning or naming scheme. After sufficient testing 
and bug fixes are In place, the code Is deemed to be a 
stable or release version. This Is usually given a dif¬ 
ferent version number. This version also has fewer 
updates and often the recommended version for aver¬ 
age users to obtain. This phenomenon Is most noted 
In the Linux distribution Deblan which maintains a 
highly stable and relatively old setup for users while 
maintaining a highly upto date and bleeding edge 
version for developers to test. Most users In the open 
source world, when not unduly concerned about sta¬ 
bility rarely ever Install stable versions and prefer to 
be as bleeding edge as possible. 

The essential reason why open source works lies In 
the manner In which the eventual users of the project 
guide the progress of the project right from the start. 
By being active parts of the process, they facilitate 
early prototyping and proof by demonstration about 
what Is possible and what Is not. Code Is released 
early and released often. The source code being freely 
accessible allows more developers to examine the 
code and suggest potential Improvements, bug fixes 
and other constructive criticism that can Improve the 
code. Open source projects are often the clearest ex¬ 
ample of a meritocracy where you are often judged by 
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the merit of your code and your suggestions. In that 
sense, as you argue either for or against some code, 
there Is a large amount of ego gratification that can 
he achieved while still helng constructive. In the 
words of Gerald Welnherg [13], this critical element Is 
hest termed as egoless programming. 

Another vital and perhaps underplayed element of 
the open source model Is that a large amount of 
chaos pervades the entire architecture. Rigidity and 
formalism are rarely any part of an open source proj¬ 
ect. From elementary chaos theory and evolutionary 
hlology, we know that the most adaptive, dynamic 
and successful systems operate at the edge of chaos. 
Too much rigidity and the system dies as It cannot 
evolve. Too much chaos and the system Is destroyed. 
The halance Is what open source projects seemingly 
achieve the halance and operate at maximum ef¬ 
ficiency. Consider this: from the depths of chaos 
theory and the rigidity of formal complex mathemat¬ 
ics arise the strikingly heautlful and amazing fractals 
[14] that like open source will remain a marvel of this 
Information age. 
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Version Control man¬ 
agement with CVS - 
Part 1 & 2 

Author: Jan Borsodi 


CVS Is a Version Control System which helps mul¬ 
tiple developers manage software projects. I’ll not dis¬ 
cuss whether or not CVS Is the hest choice over other 
free and commercial Version Control Systems, I’ll In¬ 
stead show how CVS Is used and give some small 
tips. This first part deals with setting up CVS locally, 
checking out a project and getting updates. 

Setup Before you start using CVS you’d better setup 
a couple of environment variahles. All examples uses 
hash syntax. 
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First the CVS root needs to he set, this tells the CVS 
program were to look for projects unless another root 
Is set explicitly. The CVSROOT variahle consists of 
four Items: 

1. The protocol type, this can either he the use of ps- 
erver, remote shell execution (RSH and SSH) or lo¬ 
cally. 

2. The user name which has CVS access. 

3. The server on which the repository resides. 

4. The path on the server to the repository. 

For Instance using pserver, which Is often used In lo¬ 
cal LAJMs, you could do 

export 

CVSR00T=:pserver:user@server:/path/to/evsroot 

where user Is your user on the remote server, server 
Is the remote server and the /path/to/evsroot Is the 
path on the remote server. 

You can also have the repository on your local ma¬ 
chine In which case you write 

export CVSR00T=:local:/path/to/evsroot 

where /path/to/evsroot Is the same as the one above 
but now locally. If you want to you can skip the :lo- 
cal: prefix since It Is only needed on the MS-Windows 
platform where the path often contains a :. 

The last and most used mode on the Internet Is by 
using so called remote shell execution, this Is done 
with either RSH (very Insecure and not recom¬ 
mended) or with SSH. Before you use this you need to 
set another shell variable, namely CVS_RSH. To use 
SSH you would write 

export CVS_RSH=ssh 

you would then change the CVSROOT to 

export CVSROOT=user@server:/path/to/evsroot 

where the user, server and /path/to/evsroot Is ex¬ 
actly the same as In the pserver example above. 

One last thing you should do Is to set the default edi¬ 
tor for committing changes. If this variable Is not set 
CVS will use vl for editing, so unless you’re a vl fa¬ 
natic you probably want to change It to something 
more sensible for you. Good editors for this kind of 
use are plco, nano or nedlt. You can also use Emacs 
for this but I would recommend using the emacscll- 
ent. It saves a lot of loading time. 

So to change It to use plco you simply perform this 
shell command: 

export CVSEDITOR=pico 

If you want these variables to be set each time you 
log In you can add them to your ~/.bashrc or 
~/.bash_proflle file. 

Logging In If the repository you’re working Is using 
the pserver protol, you might want to login to It to 
avoid typing your password on every CVS action. 
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However If you’re very concerned with security you 
might want to skip this, the reason Is that when you 
login the password Is stored, although encrypted, on 
your local account In a file called .cvspass, hut that’s 
entirely up to you. 

Logging In Is done with the CVS command login. 
What we’re going to do Is to try to log In to a remote 
repository with an anonymous user, this gives us 
read-only access to the repository. To have something 
concrete to try It out on I’ll use my own project on 
Sourceforge as example. 

CVS - 

d:pserver:anonymous@cvs.RegExplorer.sourceforge.- 
net:/cvsroot/RegExplorer 

login You will then he prompted for a password. This 
Is normally were you write In your password for the 
remote user, hut In this case we simply press Enter 
or Return). We are now logged In to the remote re¬ 
pository and no longer need to pass a password for 
all CVS operations. 

Time to move on to the real commands. 

Checking out If you already have a project that you 
wish to "check out" there a couple of simple steps to 
It: 

What you first need to figure out Is where the reposi¬ 
tory Is located. If It’s In the same place as the CVS- 
ROOT you set earlier you’re set to go. If not you must 
supply a parameter to the CVS command. 

The next thing you need to decide Is which project 
you want to check out, this Is either done with a path 
In the repository or with a CVS module name. 

Checking out Is done with the CVS command check¬ 
out 

CVS checkout module 

or the short version 

CVS CO module 

where the module Is either the name of the defined 
module on the CVS server or the relative path to the 
project. 

To use another repository than the default you must 
specify this with the -d option, this Is called a global 
option and Is always put before the CVS command. 
So If we wanted to check out the RegExplorer project 
we would do 

CVS -z3 - 

d:pserver:anonymous@cvs.RegExplorer.sourceforge.- 
net:/cvsroot/RegExplorer co regexplorer 

You should now get a local copy of the CVS project. 
You might have noticed the use of the global -z3 op¬ 
tion. This simply tells the CVS program to use the 
gzip compression when sending data over the net¬ 
work, this helps the transfer speed when using the 
Internet, the number 3 Is the compression-level for 
the gzlp program. 
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The local copy will present In the subdirectory regex¬ 
plorer on your local machine, the module name Is al¬ 
ways used for creating a local subdirectory. You can 
now enter this directory, look around and make 
changes. 

Any changes you make to this project will not have 
any Impact on the repository version, there are two 
reasons for this. 

The first reason Is that you accessed the CVS server 
with an anonymous user which only gives you read-- 
only access. To get write access you will need a user 
on the repository server and checkout the project 
with that user. 

The second reason Is that any changes by you on 
your local machine will not be Incorporated to the re¬ 
mote server before you do a commit. How to do a 
commit Is explained In a future part. 

Updating 

Updating, one of two widely used CVS commands. Is 
vital to any cvs project. It makes sure your local copy 
Is up to date with the remote repository. 

First lets picture a scenario: 

You successfully checked out the project and have 
used It successfully for a couple of days. You then get 
a message from your friend telling you that a new su¬ 
per cool feature has been committed to the project. 
And of course you’re Interested In getting It. 

Well the solution Is simple, what you need to do Is to 
perform a CVS action called updating, this Is done 
with the CVS command update. To do the update you 
first need to change the current directory to wherever 
you have the project locally, then you do a 

CVS -z3 update 

or using the short form 

CVS -z3 up 

there Is no longer any need to specify the location of 
the repository this Is because when you checked out 
the project the location was stored locally. 

When you execute the command you will notice that 
It lists a couple of files with some letters In front of 
them. The letter In front gives you a clue on the sta¬ 
tus of the file. For Instance 

U means the file was brought up to date. 

P means the file has been patched with the repository 
version. 

A the file was added by you but not committed yet. 

R the file was removed by you but not committed yet. 
M the file has been modified by you but not commit¬ 
ted yet. 

C the file has been committed by you locally and In 
the repository so a conflict has occurred, more Infor¬ 
mation on conflicts follows In the next part. 

? the file Is not part of the CVS project. 
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One thing to notice when you update Is that you only 
get the changes In the files you already have locally. 
Any new files or directories will not he downloaded. 
To make sure you get those too you have to add an 
update specific option -d. 

CVS -z3 up -d 

The reason for not updating all files hy default Is that 
you sometimes don’t want all files In a project and 
has explicitly checked out only a small portion of 
them, It can then he very annoying If the number of 
files just keeps Increasing on each update. 

Another option, which can he useful. Is to stop the 
CVS program from recurslng trough subdirectories. 
Sometimes you just want to perform an action In the 
local directory. To perform a non-recurslve update 
you do 

CVS -z3 up -1 

which performs the update but only In the current di¬ 
rectory. 

One other handy trick you can do with the update 
command Is to get a simple status report on the re¬ 
pository. Sometimes you’re just curious If the CVS re¬ 
pository has changed In any way but don’t want to do 
an actual update to find out. To do this you have to 
specify the global -n option. This option tells the CVS 
program not to perform any changes to the local files. 
We can then do 

CVS -z3 -n up -d 

we then get the same list of files as we do with a nor¬ 
mal update but no files are changed. You can then 
easily pick out which files need patching, which ones 
are new and which ones are removed. 

Conclusion 

You should now have to knowledge to login, check 
out and update projects from a CVS repository. These 
are the only things you need to know If you’re only In¬ 
terested In using other peoples projects. For Instance 
It allows you to download bleeding edge versions of 
your favorite programs, no need to wait for the next 
binary release. You can also help a developer find bug 
reports In the very latest version, this Is much ap¬ 
preciated by most. If not all, developers 

Part 2. 

Comitting 

Committing, the second of the two widely used CVS 
commands (the first Is updating), takes care of send¬ 
ing all your local changes to the CVS repository. To 
be able to commit your changes you need write ac¬ 
cess to the CVS repository, so any anonymous logins 
won’t work. 

Before 1 start explaining the commit command I’ll tell 
you a little secret that will make your committed 
work so much more appreciated. The scenario Is this. 
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You’re working on a project and have successfully en¬ 
hanced It by adding your own super code locally. 
You’ve tried out your personal changes several times 
and everything seems to work OK. Now you probably 
want to send these changes to the repository so you 
perform the commit command. However while you 
were busy creating your changes somebody else has 
done some other changes to the project which directly 
affects your work. If you were to commit you changes 
as It Is now one of three things could happen: 

1. No conflicts or compile problems occur for other 
co-developers. 

2. No conflicts occur but the code will not compile 
with the latest CVS version. 

3. Conflicts occur because you and one or more co-- 
developers have modified the same code lines as you. 

If number 3 happens you won’t be able to commit be¬ 
cause you don’t have the latest version, and you can¬ 
not commit a lower version over a newer version, this 
means you have to update your local CVS repository. 
Number 1 Is harmless since It works for all parts, but 
number 2 Is something you want to avoid since It 
might break code. So how do you avoid number 2 you 
ask? 

As a rule of thumb you should always, and 1 mean al¬ 
ways, update before you do a commit. Why so? Well If 
you have the latest version locally and your new code 
still works, you can rest assure It will work for your 
co-developers as well(unless you consider conflicts). 

With that said I’ll continue with explaining how to 
commit. 

Committing Is done with the CVS command commit. 
You do this with: 


CVS commit 

or short 

CVS com 

another short form 

CVS ci 

Remember that you can use the global options you 
learned In part 1, for Instance the -z3 might be use¬ 
ful. 

When the command Is run CVS will start looking 
trough your directories, starting In the current and 
recurslng trough subdirectories, finding files which 
are modified locally. When this Is done CVS will ask 
you for a message regarding the changes you have 
made, this Is done with the editor set In the CVSEDl- 
TOR variable (this Is explained In part 1), when you 
save this message and quit the editor the changes 
will be sent to the repository with the change mes¬ 
sage. 

If you want to abort the commit you can do this by 
quitting the editor without saving. 
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However committing this way Is not what will make 
you popular with your co-developers, this Is hecause 
your change message will he appended to all modified 
files. For Instance your hug fix In one of the code files 
has no use helng In the README file. This means 
that you should commit each file separately (or at 
least groups of files which belong together). To do this 
you supply the flle(s) after the commit command, for 
Instance: 

CVS commit README 

which will only commit changes for the README file. 
Or using several files 

CVS commit qaregexp.cpp qaregexp.hpp 

which will commit changes for both the C++ body and 
header files (C++ body and header files are closely re¬ 
lated). 

The message Itself can also be specified directly to the 
CVS program by using the -m option. For Instance 

CVS commit -m "Changed the mail addresses to my 
new one" README 

The last word on committing Is that you write sen¬ 
sible messages. Messages saying, fixes, stuff or other 
meaningless sentences are useless, spend some time 
writing the messages and make sure you get all 
changes In It. And remember the spellchecker Is not 
your enemy. 

Adding files 

Being able to do changes and committing them Is 
now possible, but how do you add new files to the re- 
posltor}^ Thanks to marvelous new technology this Is 
possible with a few simple steps. 

The command for adding new files Is add. For In¬ 
stance to add the Installation file you do: 

CVS add INSTALL 

You can also add sub-directories, for Instance If src Is 
a sub-directory do: 

CVS add src 

But remember only the sub-directory will be added 
not the content, you need to add these yourself after¬ 
wards. 

If you have more than one file to add you can specify 
them all to the command line, to add all .cpp files, 
the FAQ and the Installation file do: 

CVS add *.cpp FAQ INSTALL 

After the flle(s) are added you need to commit the 
changes, this allows you to write an nice Initial mes¬ 
sage explaining why you added It. 

There Is one Important thing you should know about 
files In the CVS repository, and that Is that they 
never disappear (they never get smaller either). It will 


disappear from the local copy and the local files may 
look smaller, but In the real CVS repository all 
changes you, and your co-developers, have ever com¬ 
mitted will be present. 

At first this might seem strange, but consider what 
would happen If you wanted an earlier version of the 
project and the files didn’t exist anymore? Well It 
wouldn’t work. That Is why CVS keeps all Information 
sent to It. 

With this said you probably wonder how you remove 
files from CVS. As always you do this with a CVS 
command and this time It’s called remove. 

For Instance to remove the Installation file we added 
earlier do: 

CVS remove INSTALL 

But remember CVS will not remove the file in the re- 
posltory unless It Is removed locally flrst(lt can be 
renamed/moved too If you want to keep It), the file 
will now be marked as removed. 

To perform the removal you have to do a commit 
(with a nice comment). The file will then be moved. In 
the repository, from the current directory to a sub-- 
dlrectory called Attic. All removed files will be put In 
the Attic. 

Creating patches 

The two previous pages explained how you can com¬ 
mit your changes and add files to a CVS repository If 
you have the proper write access. But what If you 
only have anon 5 mious access and want the changes 
you have made locally to appear In the CVS reposi¬ 
tory? 

Luckily for you there Is one option and that Is to cre¬ 
ate a patch and send It to someone with write access. 
But don’t count on the changes to appear at all. It’s 
entirely up to each developer to use the patches sub¬ 
mitted by you. To help on this you should always 
send a detailed description on what you have 
changed and ask politely. 

To create a patch you have to find out what the differ¬ 
ence between your local copy and the CVS repository 
Is. This Is done with the CVS command dlff, the 
usual option to use for dlff Is -u which outputs the 
difference In a unified format. You can also use the -c 
option which uses the context output format. So we 
want to do: 

CVS diff -u 

After a while It will start spitting out lots of text ex¬ 
plaining the differences, to put this Into a file we use 
redirection. 

CVS diff -u >my.patch 

This creates a file called my. patch which can be 
emailed to the developer, and hopefully will be Incor¬ 
porated Into the CVS tree. 

Version numbers 
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You might have noticed when working with a CVS re¬ 
pository that each file has a given number. For In¬ 
stance It might have 1.0, 1.2 or 1.8, the number Is 
what’s commonly called a revision number, which 
gives the user a clue on how many times the file has 
been modified. Files which are frequently modified 
will have high numbers, for Instance 1.50. 

Revision numbers are not be confused with program 
version. A program with version 1.4.2 might have files 
with varying revision numbers. 

A version number will always have an even number of 
period-separated decimal Integers. So a revision 
number of 1.3.2.2.4.5 Is allowed. Revision 1.1 Is by 
default the first version of a file. When revision num¬ 
bers have more than one period It Is part of a branch, 
branches will be explained In a later part. Normally 
there’s no reason to care about revision numbers as 
CVS will automatically Increase them Internally. 
However sometimes you might want to change the re¬ 
vision on all your files when you have released major 
version of your software. 

Note that using tags, which will be explained In a 
later part. Is a much better way to handle releases. 

So If you wanted all files to have a new revision num¬ 
ber you would use the commit command with an op¬ 
tion. For Instance 

CVS commit -r 3.0 

will bring all your files up to revision 3.0. Revision 
numbers can only be Increased, so trying to set a re¬ 
vision number of 1.3 when other files have revision 
1.5 will fall. 

Conclusion You should now have the knowledge to 
perform changes to projects, whether good or bad, 
with the use of CVS. You should also know how to 
create patches In case you just have anon 5 rmous read 
access. So why not help out your favorite Open 
Source project and make the world a better place. 

The next part In this series will go Into the details of 
CVS repository management, that Is creating a new 
CVS repository. Importing sources and handling CVS 
modules. For those of you who simply cannot wait 1 
recommend you either check out the man pages for 
CVS, read It’s PostScript version (usually located In 
/usr/doc/), the online manual or the PDF document. 

This article is re-printed with permission. The original 
can be found at www.zez.org 
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AusCERT: Steps for 
Recovering from a 
UNIX or NT System 
Compromise 

Author: The AusCERT Team 
auscei1@auscert.org.au 

This document Is being published jointly by the CERT 
Coordination Center and AusCERT (Australian Com¬ 
puter Emergency Response Team). It describes sug¬ 
gested steps for responding to a UNIX or NT system 
compromise. Your response should be carried out In 
several stages: 

Introduction 

This document sets out suggested steps for respond¬ 
ing to a UNIX or NT system compromise. 

Note that all actions taken during your recovery from 
a system compromise should be In accordance with 
your organization’s policies and procedures. 

A.Before you get started 

1. Consult your security policy 

2. If you do not have a security policy 

i. Consult with management 

Depending on how your organization Is structured, It 
may be Important to notify management In order to 
facilitate Internal coordination of your recovery effort. 
Also be aware that Intrusions may get the attention of 
the media. 

ii. Consult with your legal counsel 

Before you get started In your recovery, your organi¬ 
zation needs to decide If pursuing a legal Investiga¬ 
tion Is an option. 

Note that the CERT Coordination Center and 
AusCERT (Australian Computer Emergency Response 
Team) are Involved In providing technical assistance 
and facilitating communications In response to com¬ 
puter security Incidents Involving hosts on the Inter¬ 
net. We do not have legal expertise and cannot offer 
legal advice or opinions. For legal advice, we recom¬ 
mend that you consult with your legal counsel. Your 
legal counsel can provide you with legal options (both 
civil and criminal) and courses of action based on you 
or your organization’s needs. 

It Is up to you how you wish to pursue this Incident. 
You may wish to secure your systems or to contact 
law enforcement to Investigate the case. 

If you are Interested In determining the Identify of or 
pursuing action against the Intruder, we suggest that 
you consult your management and legal counsel to 
see If any local, state, or federal laws have been vio¬ 
lated. Based on that, you could then choose to 
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contact a law enforcement agency and see If they 
wish to pursue an Investigation. 

We encourage you to discuss the root compromise ac¬ 
tivity with your management and legal counsel to an¬ 
swer the following questions: 

• What Is your legal status In terms of your 
ability to trap Intruders or trace connections 
(l.e., do you have a login banner stating that 
connections can be tracked or traced? See 
CERT Advisory CA-92:19 , "Keystroke Logging 
Banner"). 

• What are your legal responsibilities If your 
site Is aware of the activity and does not take 
steps to prevent It? 

• Have any local, state, or federal laws been 
violated? 

• Should an Investigation be pursued? 

• Should you report the activity to local, state, 
or national) law enforcement? 

iii.Contact law enforcement agencies 

In general. If you are Interested In pursuing any type 
of Investigation or legal prosecution, we’d encourage 
you to first discuss the activity with your 
organization’s management and legal counsel and to 
notify any appropriate law enforcement agencies (In 
accordance with any policies or guidelines at your 
site). 

Keep In mind that unless one of the parties Involved 
contacts law enforcement, any efforts to trap or trace 
the Intruder may be to no avail. We suggest you con¬ 
tact law enforcement before attempting to set a trap 
or tracing an Intruder. 

U.S. sites Interested In an Investigation can contact 
their local Federal Bureau of Investigation (FBI) field 
office. To find contact Information for your local FBI 
field office, please consult your local telephone direc¬ 
tory or see the FBI’s field offices web page available 
at: 

http://www.fbl.gov/contact/fo/fo.ht- 

m 

For more Information, please see the web page of the 
FBI Washington Field Office Infrastructure Protection 
and Computer Intrusion Squad (WFO IPCIS): 

http:/ /www.fbl.gov/programs/lpcls- 

/Ipcls.htm 

You may wish to contact the U.S. Secret Service for 
Incidents Involving the following: 

• theft or abuse of credit card Information (e.g., 
credit card fraud, the exchange of credit card 
Information) 

• threats to the President of the United States 
(e.g., threatening email messages) 
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• Impersonation of the President of the United 
States (e.g., the creation of forged email ap¬ 
pearing to come from the President) 

To contact the Secret Service: 


Therefore, you may wish to work through steps In 
section C.5. Look for signs of a network sniffer to de¬ 
termine If the compromised system Is currently run¬ 
ning a network sniffer. 


Secret Service main phone number: 

+ 1 202 435-7700 

Financial Crimes Division - Elec¬ 
tronic Crimes Section 
Phone: +1 202 435-5850 
Fax: +1 202 435 7607 

Non-U. S. sites may want to discuss the activity with 
their local law enforcement agency to determine the 
appropriate steps that should he taken with regard to 
pursuing an Investigation. 

To contact the Australian Federal Police: 


Canberra 

Brisbane 

Sydney 

Melbourne 

Adelaide 

Perth 

Darwin 


+61 2 6256 7777 
+61 7 3222 1222 
+61 2 9286 4000 

+61 3 9607 7777 
+61 8 8419 1811 

+61 8 9320 3444 
+61 8 8981 1044 


Ask for the Co-ordination 
centre 

Ask for Operations 

Ask for the Co-ordination 

centre 

Ask for the Co-ordination 
centre 

Ask for the Co-ordination 
centre 

Ask for the Co-ordination 
centre 

Ask for the Co-ordlnator 


iv.Notify others within your organization 

In addition to notifying management and legal coun¬ 
sel at your site, you may also need to notify others 
within your organization who may he directly affected 
hy your recovery process (e.g., other administrators 
or users). 

3. Document all of the steps you take in recovering 

The Importance of documenting every step you take 
In recovery can not he overstated. Recovering from a 
system compromise can he a hectic and tlme-- 
consumlng process and hasty decisions are often 
made. Documenting the steps you take In recovery 
will help prevent hasty decisions and give you a re¬ 
cord of all the steps you took to recover, which you 
can reference In the future. Documenting the steps 
you take In recovery also may he useful If there Is a 
legal Investigation. 

B.Regain control 

1 .Disconnect compromised system(s) from the network 

To regain control, you will need to disconnect all com¬ 
promised machines from your network Including dial 
In connections. After that you may wish to operate In 
single user mode In UNIX or as the local administra¬ 
tor In NT to ensure that you have complete control of 
the machine; however, hy rebooting or changing to 
single user/local administrator mode, you may lose 
some useful Information because all processes ex¬ 
ecuting at the time of discovery will be killed. 


Operating In single user mode on UNIX systems will 
prevent users. Intruders, and Intruder processes from 
accessing or changing state on the compromised ma¬ 
chine while you are going through the recovery pro¬ 
cess. 

If you do not dlscormect the compromised machine 
from the network, you run the risk that the Intruder 
may be cormected to your machine and may be undo¬ 
ing your steps as you try to recover the machine. 

2. Copy an image of the compromised systemts) 

Before analyzing the Intrusion we encourage you to 
create a backup of your system. This will provide a 
"snapshot" of the file system at the time that the root 
compromise was first discovered. You may need to re¬ 
fer back to this backup In the future. 

If you have an available disk which Is the same size 
and model as the disk In the compromised system, 
you can use the dd command In UNIX to make an ex¬ 
act copy of the compromised system. 

For example, on a Linux system with two SCSI disks, 
the following command would make an exact replica 
of the compromised system (/dev/sda) to the disk of 
the same size and model (/dev/sdb). 

# dd if=/dev/sda of=/dev/sdb 

Please read the dd man page for more Information. 
There are many other ways to create a backup of your 
system. On NT systems there Is no built In command 
like dd, but there are a number of third party ap¬ 
plications that will make an Image copy of an entire 
hard drive. 

Creating a low level backup Is Important In case you 
ever need to restore the state of the compromised ma¬ 
chine when It was first discovered. Also, files may be 
needed for a legal Investigation. Label, sign, and date 
the backup and keep the backup In a secure location 
to maintain Integrity of the data. 

C. Analyze the intrusion 

with your system disconnected from the network, 
you can now thoroughly review log files and configu¬ 
ration files for signs of Intrusion, Intruder modifica¬ 
tions, and configuration weaknesses. 

1. Look for modifications made to system software and 
configuration files 

Verify all system binaries and configuration files. 
When looking for modifications of system software 
and configuration files, keep In mind that any tool 
you are using on the compromised system to verify 
the Integrity of binaries and configuration files could 
Itself be modified. Also keep In mind that the kernel 
(operating system) Itself could be modified. Because 
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of this, we encourage you to boot from a trusted ker¬ 
nel and obtain a known clean copy of any tool you In¬ 
tend to use In analyzing the Intrusion. On UNIX sys¬ 
tems you can create a boot disk and make It write 
protected to obtain a trustworth kernel. 

We urge you to check all of your system binaries 
thoroughly against distribution media. We have seen 
an extensive range of Trojan horse binaries that have 
been Installed by Intruders. 

Some of the binaries which are commonly replaced by 
Trojan horses on UNIX systems are: telnet, In.telnetd, 
login, su, ftp. Is, ps, netstat, Ifconflg, find, du, df, llbc, 
sync, Inetd, and syslogd. Also check any binaries ref¬ 
erenced In /etc/lnetd.conf, critical network and sys¬ 
tem programs, and shared object libraries. 

On NT systems, Trojan horses commonly Introduce 
computer viruses or "remote administration" pro¬ 
grams such as Back Orifice and NetBus. There have 
been cases where the system file that handles Inter¬ 
net connectivity was replaced with a Trojan horse. 

Because some Trojan horse programs could have the 
same timestamps as the original binaries and give the 
correct sum values, we recommend you use cmp on 
UNIX systems to make a direct comparison of the bi¬ 
naries and the original distribution media. 

Alternatively, you can check the MD5 results for ei¬ 
ther UNIX or NT on suspect binaries against a list of 
MD5 checksums from known good binaries. Ask your 
vendor If they make MD5 checksums available for 
their distribution binaries. 

Additionally, verify your configuration files against 
copies that you know to be unchanged. 

When Inspecting your configuration files on UNIX 
systems, you may want to: 

• check your /etc/passwd file for entries that 
do not belong. 

• check to see If /etc/lnetd.conf has been 
modified. 

• If you allow the "r-commands" (rlogln, rsh, 
rexec), ensure that there Is nothing that does 
not belong In /etc/hosts.equlv or In any .rho- 
sts files. 

• check for new SUID and SGID files. The fol¬ 
lowing command will print out all SUID and 
SGID files within your filesystem. 

# find / \( -perm -004000 -o -perm 
-002000 \) -type f -print 

When Inspecting NT systems, you may want to 

• check for odd users or group memberships. 

• check for changes to registry entries that 
start programs at logon or services, (see LIST¬ 
ING 1) 

• check for unauthorized hidden shares with 
the 'net share’ command or Server Manager 
tool. 

• check for processes that you do not Identify 
using the pullst.exe tool from the NT resource 
kit or the NT Task Manager. 


2. Look for modifications to data 

Data on compromised systems Is often modified by 
Intruders. We encourage you to verify the Integrity of 
web pages, ftp archives, files In users’ home directo¬ 
ries, and any other data flies on your system. 

3. Look for tools and data left behind by the intruder 

Intruders will commonly Install custom-made tools 
for continued monitoring or for access to a compro¬ 
mised system. 

The common classes of files left behind by Intruders 
are 

• Network Sniffers 

A network sniffer Is a utility which will monitor and 
log network activity to a file. Intruders commonly use 
network sniffers to capture username and password 
data that Is passed In cleartext over the network, (see 
section C.5 below) 

Sniffers are more common on UNIX systems, but on 
NT systems check for key logging programs. 

• Trojan Horse Programs 

Trojan horse programs are programs that appear to 
perform one function while actually performing a dif¬ 
ferent function. Intruders use Trojan horse programs 
to hide their activity, capture username and pass¬ 
word data, and create backdoors for future access to 
a compromised system, (see section C. 1 above) 

• Backdoors 

Backdoor programs are designed to hide Itself Inside 
a target host. The backdoor allows the user that In¬ 
stalled It to access the system without using normal 
authorization or vulnerability exploitation. 

• Vulnerability Exploits 

A majority of compromises are a result of machines 
running vulnerable versions of software. Intruders of¬ 
ten use tools to exploit known vulnerabilities and 
gain unauthorized access. These tools are often left 
behind on the system In "hidden" directories. 

• Other Intruder Tools 

The Intruder tools listed above are not Intended to be 
a conclusive or comprehensive list. There may be 
other tools left behind by an Intruder. Some of the 
other types of tools you may find are tools to 

probe systems for vulnerabilities 
iV launch widespread probes of many other 
sites 

launch denial of service attacks 
■A use your computing and networking re¬ 
sources 

• Intruder Tool Output 


AUUGN Vol.21 • No.4 


- 49 


December 2000 






You may find log files from any number of Intruder 
tools. These log files may contain Information about 
other sites Involved, vulnerabilities of your compro¬ 
mised machlne(s), and vulnerabilities at other sites. 

We encourage you to search thoroughly for such tools 
and output files. Be sure to use a known clean copy 
of any tool that you use to search for Intruder tools. 
When searching for Intruder tools on a compromised 
system 

• Look for unexpected ASCII files In the /dev 
directory on UNIX systems. Some of the Tro¬ 
jan binaries rely on configuration files which 
are often found In /dev. 

• Look very carefully for hidden files or directo¬ 
ries. If an Intruder has created a new account 
and home directory then there may be hidden 
files or directories. 

• Look for files or directories with strange 
names such as "..." (three dots) or ".. " (two 
dots and some whitespace) [UNIX]. Intruders 
often try and hide files within such directo¬ 
ries. On NT systems, look for files and direc¬ 
tories that closely match what may appear as 
a system file (EXPLORE.EXE, UMGR32.EXE, 
etc). 

4. Review logJUes 

Reviewing your log files will help you get a better Idea 
of how your machine was compromised, what hap¬ 
pened during the compromise, and what remote 
hosts accessed your machine. 

Keep In mind when reviewing any log files from a 
compromised machine that any of the logs could have 
been modified by the Intruder. 

On UNIX systems, you may need to look In your 
/etc/syslog.conf file to find where syslog Is logging 
messages. NT systems generally log everything to one 
of three logs for NT events, all of which are viewed 
through the Event Viewer. Other NT applications 
such as IIS server may log to other locations. IIS by 
default writes logs to the c:\wlnnt\system32\logflles 
directory. 

Below Is a list of some of the more common UNIX log 
file names, their function, and what to look for In 
those files. Depending on how your system Is config¬ 
ured, you may or may not have the following log files. 

• messages 

The messages log will contain a wide variety of Infor¬ 
mation. Look for anomalies In this file. An)Thlng out 
of the ordinary should be Inspected. Also, look for 
events that occurred around the known time of the 
Intrusion. 

• xferlog 

If the compromised system has a functioning ftp 
server, xferlog will contain log files for all of the ftp 
transfers. This may help you discover what Intruder 
tools have been uploaded to your system, as well as 


what Information has been downloaded from your 
system. 

• utmp 

This file contains binary Information for every user 
currently logged In. This file Is only useful to deter¬ 
mine who Is currently logged In. One way to access 
this data Is the who command. 

• wtmp 

Every time a user successfully logs In, logs out, or 
your machine reboots, the wtmp file Is modified. This 
Is a binary file; thus, you need to use a tool to obtain 
useful Information from this file. One such tool Is 
last. The output from last will contain a table which 
associates user names with login times and the host 
name where the connection originated. Checking this 
file for suspicious connections (e.g., from unauthor¬ 
ized hosts) may be useful In determining other hosts 
that may have been Involved and finding what ac¬ 
counts on your system may have been compromised. 

• secure 

Some versions of UNIX (RedHat Linux for example) 
log tcp wrapper messages to the secure log file. Every 
time a connection Is established with one of the ser¬ 
vices running out of Inetd that uses tcp wrappers, a 
log message Is appended to this log file. When looking 
through this log file, look for anomalies such as ser¬ 
vices that were accessed that are not commonly used, 
or for connections from unfamiliar hosts. 

The common Item to look for when reviewing log files 
Is anything that appears out of the ordinary. 

5. Look for signs of a network sniffer 

When a system compromise occurs. Intruders could 
potentially Install a network monitoring program on 
UNIX systems, commonly called a sniffer (or packet 
sniffer), to capture user account and password Infor¬ 
mation. For NT systems, remote administration pro¬ 
grams would be more commonly used for the same 
purpose. 

The first step to take In determining If a sniffer Is In¬ 
stalled on your system Is to see If any process cur¬ 
rently has any of your network Interfaces In promis¬ 
cuous mode. If any Interface Is In promiscuous mode, 
then a sniffer could be Installed on your system. Note 
that detecting promiscuous Interfaces will not be pos¬ 
sible If you have rebooted your machine or are oper¬ 
ating In single user mode since your discovery of this 
Intrusion. 

There are a couple of tools designed for this purpose. 

• cpm - UNIX 
available for download from: 

ftp://coast, cs.purdue.edu/pub/tooT 

s/unlx/cpm/ 

• ifstatus - UNIX 
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available for download from: 


6. Check other systems on your network 


ftp: //coast, cs.purdue.edu/pub/tool- 

s/Unix/Ifstatus/ 

Keep In mind that some legitimate network monitors 
and protocol analyzers will set a network Interface In 
promiscuous mode. Detecting an Interface In promis¬ 
cuous mode does not necessarily mean that an 
Intruder’s sniffer Is running on a system. 

Another Issue to consider Is that sniffer log files tend 
to grow quickly In size. You may want to use utilities 
such as df to determine If part of the filesystem Is 
larger than expected. Remember that df Is often re¬ 
placed by a Trojan horse program when sniffers are 
Installed; therefore, be sure to obtain a known clean 
copy of that utility If you do use It. 

If you find that a packet sniffer has been Installed on 
your systems, we strongly urge you to examine the 
output file from the sniffer to determine what other 
machines are at risk. Machines at risk are those that 
appear In the destination field of a captured packet, 
but If passwords across systems are common or If the 
source and destination machines trust each other the 
source machine will also be at further risk. 

Many common sniffers will log each connection as fol¬ 
lows: 

— TCP/IP LOG — TM: Tue Nov 15 15:12:29 — 
PATH: not_at_risk.domain.com(1567) => 
at_risk.domain.com(telnet) 

For sniffer logs of this particular format, you can ob¬ 
tain a list of affected machines by executing the fol¬ 
lowing command: 

% grep PATH: $sniffer_log_file | 
awk '{print $4}' | \ 

awk -F\ ( '{print $1}'| sort -u 

You may need to adjust the command for your par¬ 
ticular case. Also, some sniffers encrypt their logs so 
they may not be obvious. Because of this check for 
files that grow quickly. 

You should be aware that there may be other ma¬ 
chines at risk In addition to the ones that appear In 
the sniffer log. This may be because the Intruder has 
obtained previous sniffer logs from your systems or 
through other attack methods. 

For more Information, we encourage you to review 
CERT Advisory CA-94:01, available from: 

http: //www.cert.org/advisories/CA- 

94.01 .ongolng.network.monltorlng.a- 

ttacks.html 

The advisory describes of sniffer activity and suggests 
approaches for addressing this problem. 

Please send us a list of all hosts you know to he af¬ 
fected. This will help us determine the scope of the 
problem. 

If Australian or New Zealand hosts have heen In¬ 
volved, please Inform auscert@auscert. org. an . 


We encourage you to check all of your systems, not 
just those that you know to be compromised. In your 
check Include any systems associated with the com¬ 
promised system through shared network-based ser¬ 
vices (such as NIS and NFS) or through any method 
of trust (such as systems In hosts, equlv or .rhosts 
files, or a Kerberos server). 

In examining other systems on your network, we en¬ 
courage you to use our Intruder Detection Checklists: 

http://www.cert.org/tech tlps/lntru- 

der detection checkllst.html 
http:/ /WWW, auscert.org. an/Informa- 

tlon/Auscert Info/Papers/wln Intru¬ 

der detection checkllst.html 

7. Check for systems involved or effected at remote 
sites 

While examining log files. Intruder output files, and 
any files modified or created during and since the 
time of the Intrusion, look for Information that leads 
you to suspect that another site may be linked with 
the compromise. We often find that other sites linked 
to a compromise (whether upstream or downstream 
of the compromise) have often themselves been vic¬ 
tims of a compromise. Therefore It Is Important that 
any other potential victim sites are Identified and no¬ 
tified as soon as possible. 

D. Contact the relevant CSIRT and other sites 
involved 

1. Incident Reporting 

Intruders will frequently use compromised accounts 
or hosts to launch attacks against other sites. If you 
find evidence of compromise or Intruder activity at 
any other sites, we encourage you to contact those 
sites. Tell them what you have found, explain that 
this may he a sign of compromise or Intruder activity 
at their site, and suggest that they may wish to take 
steps to determine If/how the compromise occurred 
and prevent a recurrence. When contacting other 
sites, please give them as much detail as possible In¬ 
cluding date/tlmestamps, tlmezone, and what to do If 
they have follow-up Information. 

We would appreciate a "cc" to cert@cert.org or 
auscert@auscert.org.au as appropriate on any cor¬ 
respondence. If you like, you can let the site know 
that you are working with us on this Incident (please 
Include the assigned CERT or AusCERT tracking 
number In the subject line of your messages). Also let 
them know that we can offer assistance on how to re¬ 
cover from the compromise. 

2. Contact AusCERT - Australian Computer Emergency 
Response Team 

We would appreciate It to be Informed of any Inci¬ 
dents Involving Australian and New Zealand sites as 
It helps us to gauge the extent and nature of Intruder 
activity. 


- 51 - 


AUUGN Vol.21 • No.4 


December 2000 













Our contact Information Is as follows: 

Internet: auscert@auscert. org. an 

monitored during business hours 
(GMT+10:00) 

Telephone: +61 7 3365 4417 moni¬ 
tored during business hours 
(GMT+10:00) 

Hotline: +61 7 3365 4417 monitored 
24 hours, 7 dags for emergencies 
(GMT+10:00) 

Facsimile: +61 7 3365 7031 

Australian Computer Emergency Response Team 

The University of Queensland 

Brlshane 

Qld 4072 

AUSTRALIA 

3. Contact the CERT Coordination Center 

We would appreciate It If you would complete and re¬ 
turn an Incident Reporting Form as this will help us 
better assist you, and allow us to relate ongoing In¬ 
truder activities. This also provides us a better over¬ 
view of trends In attack profiles and provides Input 
for other CERT documents such as Advisories and 
Summaries. We prefer that Incident Reporting Forms 
are sent to us via email. The Incident Reporting 
Forms are available from: 

http://www.cert.org/ftp/lncldent re¬ 

porting form 

Our contact Information Is as follows: 

Email: cert@cert.org 
(monitored during business hours) 

Telephone: +1-412-268-7090 24-hour hotline 
Fax: +1-412-268-6989 

CERT Coordination Center personnel answer busi¬ 
ness days (Monday-Frlday) 08:30-17:00 EST/EDT 
(GMT-5)/(GMT-4), on call for emergencies during 
other hours. 

CERT Coordination Center 
Software Engineering Institute 
Carnegie Mellon University 
Pittsburgh, PA USA 15213-3890 

4. Obtain contact information for other sites involved 

If you need contact Information for a .COM, .EDU, 
.NET, or .ORG top-level domain, we encourage you to 
use the InterNlC’s whols database. 

http://rs.lntemlc.net/tools/whols.h- 

tml 

To find contact Information from the appropriate reg¬ 
istrar, we encourage you to use the InterNlC’s Regis¬ 
trar Directory: 

http:/ /rs.lnternlc.net/origln.html 
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To find contact Information for the Asia-pacific region 
and Australia respectively: 

http: / /www.apnlc.net/apnlc- 

bln/whols.pl 

http: //www.aunlc.net/cgT 

bln / whols. aunlc 

To find contact Information for other Incident re¬ 
sponse teams, you may also want to check the con¬ 
tact list of the Forum of Incident Response and Secu¬ 
rity Teams (FIRST), available In: 

http: / / WWW, first, or g/team-info / 

More Information about finding site contacts Is avail¬ 
able from: 

http://www.cert.org/tech tips/flndl- 

ng site contacts.html 

We do not recommend sending email to "root" or 
"postmaster" of a machine that Is suspected of being 
Involved In Intmder activity. If that machine Is the 
source of an Intruder attack. It Is possible that that 
machine Itself may be compromised and the Intmder 
may have root access and/or be reading or Intercept¬ 
ing email sent to that host. 

If you are still unsure of a site or contact details, 
please get In touch with us. 

E. Recover from the intrusion 

1. InstaR a clean version of your operating system 

Keep In mind that If a machine Is compromised, any¬ 
thing on that system could have been modified. In¬ 
cluding the kernel, binaries, datafiles, running pro¬ 
cesses, and memory. In general, the only way to trust 
that a machine Is free from backdoors and Intmder 
modifications Is to reinstall the operating system from 
the distribution media and Install all of the security 
patches before connecting back to the network. 
Merely determining and fixing the vulnerability that 
was used to Initially compromise this machine may 
not be enough. 

We encourage you to restore your system using 
known clean binaries. In order to put the machine 
Into a known state, you should re-lnstall the operat¬ 
ing system using the original distribution media. 

2. Disable unnecessary services 

Configure your system to offer only the services that 
the system Is Intended to offer and no others. Check 
to ensure that there are no weaknesses In the con¬ 
figuration files for those services and that those ser¬ 
vices are available only to the Intended set of other 
systems. In general, the most conservative policy Is to 
start by disabling everything and only enabling ser¬ 
vices as they are needed. 

3. Install all vendor security patches 

We strongly encourage you to ensure that the full set 
of security patches for each of your systems Is 
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applied. This Is a major step In defending your sys¬ 
tems from attack and Its Importance cannot be over¬ 
stated. 

We encourage you to check with your vendor regu¬ 
larly for any updates or new patches that relate to 
your systems. 

4. Consult AusCERT advisories and external security 
bulletins 

We encourage you to consult past AusCERT adviso¬ 
ries and external security bulletins and to follow the 
Instructions that are relevant to your particular con¬ 
figuration. Be sure that you have Installed all ap¬ 
plicable patches or workarounds described In the 
AusCERT publications. 

Remember to check the advisories periodically to en¬ 
sure that you have the most current Information. 

Past AusCERT advisories are available from: 

http://www.auscert.org.au/lnforma- 

tlon/Advisories/aus advlsorles.html 

ftp: //ftp.auscert.org.au/pub/auscer- 

t/advisory/ 

External Security Bulletins are available from: 
http: / /www.auscert.org.au/lnforma- 

tlon/Advisories/esb advlsorles.html 

ftp: //ftp.auscert.org.au/pub/auscer- 

t/ESB/ 


5. Consult CERT advisories, summaries, and vendor- 
initiated bulletins 

We encourage you to consult past CERT advisories, 
summaries, and vendor-initiated bulletins and to fol¬ 
low the Instructions that are relevant to your particu¬ 
lar configuration. Be sure that you have Installed all 
applicable patches or workarounds described In the 
CERT publications. 

Remember to check the advisories periodically to en¬ 
sure that you have the most current Information. 

Past CERT advisories are available from: 

http: / /WWW, cert, org / advisories / 

Past CERT summaries are available from: 

http: / /WWW, cert, org / summaries / 

Vendor-Initiated bulletins are available from: 

ftp://ftp.cert.org/pub/cert bulletlns- 

L 

6. Caution use of data from backups 

When restoring data from a backup, ensure that the 
backup Itself Is from an uncompromised machine. 
Keep In mind that you could re-lntroduce a vulner¬ 
ability that would allow an Intruder to gain unauthor¬ 
ized access. Also, If you are only restoring users’ 
home directories and data files, keep In mind that 
any of those files could contain Trojan horse pro¬ 
grams. You may want to pay close attention to .rhosts 
files In users’ home directories. 
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7. Change passwords 

After all security holes or configuration problems 
have been patched or corrected, we suggest that you 
change the passwords of ALL accounts on the af¬ 
fected system(s). Ensure that passwords for all ac¬ 
counts are not easy to guess. You may want to con¬ 
sider using vendor-supplied or third-party tools to 
enforce your password policies. 

AusCERT has published the Choosing good pass¬ 
words article which contains Information to educate 
users to choose good passwords. 

F. Improve the security of your sys¬ 
tem and network 

1. Review security using the UNIX or NT Configuration 
Guidelines document 

To help you assess the security of your system(s), 
please refer to our UNIX or NT Configuration Guide¬ 
lines documents. These documents may be useful 
when checking your system for common configura¬ 
tion problems that are often exploited by Intruders. 

http://www.cert.org/tech tlps/unlx- 

conflguratlon guldellnes.html 

http://www.auscert.org.au/lnforma- 

tlon/Auscert Info/Papers/wln confi¬ 

guration guldellnes.html 

2. Review the security tools document 

Consider using some of the software security tools 
that are available, such as Tripwire®, COPS, and the 
TCP wrapper package. 

A description of some tools that can be used to help 
secure a system and deter break-ins Is available 
from: 

http://www.cert.org/tech tlps/secu- 

rltv tools.html 

3. InstaR security tools 

Install all security tools before you connect your ma¬ 
chine back to the network. Also, this Is a good time to 
take an MD5 checksum snapshot of the newly re¬ 
stored system using a tool such as Tripwire®. 

4. Enable maximal logging 

Make sure that logging/auditing/accounting pro¬ 
grams are enabled (for example, process accounting) 
and that they are set to an appropriate level (for ex¬ 
ample, sendmall logging should be level 9 or higher). 
Backup your logs and/or consider writing your logs 
to a different machine, to an append-only file system, 
or to a secure logging host. 

5. Configure firewalls to defend networks 
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Consider filtering certain TCP/IP services at your fire¬ 
wall server, router or at the hosts. For some sugges¬ 
tions, please refer to "Packet Filtering for Firewall 
Systems," available from 

http://WWW.cert.org/tech tips/pack¬ 

et fllterlng.html 

G. Reconnect to the Internet 

If you disconnected from the Internet, the best time 
to reconnect Is after you have completed all the steps 
listed above. 


1. Update your security policy 

The CERT Coordination Center recommends that ev¬ 
ery site develop their ovra computer security policy. 
Each organization may have a specialized culture and 
security requirements that are specific to their own 
organization. Please refer to RFC 2196 "Site Security 
Handbook" for Information about developing com¬ 
puter security policies and procedures for sites that 
have systems on the Internet. This document Is avail¬ 
able from 

ftp://ftp.lsl.edu/ln-notes/rfc2196.txt 

2. Document lessons learned from being compromised 

Document and review the lessons you learned from 
going through the process of recovering from a com¬ 
promise. This will help you decide exactly how to re¬ 
vise for your security policy. 


3. Calculate the cost of this incident 

For many organizations, changes simply are not 
made In security policy until they understand the 
cost of security, or lack thereof Calculating the cost 
of an Incident will help measure the Importance of se¬ 
curity for your organization. You may find that calcu¬ 
lating the cost of this Incident Is useful for explaining 
to management that security Is Important to your or¬ 
ganization. 

4. Incorporate necessary changes (if any) in your secu¬ 
rity policy 

Making changes to your security policy Is the last 
step to take In this process. Be sure to Inform mem¬ 
bers of your organization about the changes that 
have been made and how that may affect them. 


Questions or comments regarding this articie? 
auscert&auscert.ora.au 

Disclaimer - Copyright © 1993-2000, AusCERT 

This article is re-printed with permission. The original 
can be found at: http://www.auscert.ora.au/ 
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Summrary of Minutes 
from AUUG Exec 
Meeting 

By: Liz Carroll 


5 August 2000 
lOiOOam - 4:00pnn 
UTS, Sydney NSW 


Notetaker: 

Elizabeth Carroll 

EC 

Attendees: 

Elizabeth Carroll 

EC 


David Purdue 

DP 


Luigi Cantoni 

LC 


Michael Paddon 

MP 


Malcolm Caldwell 

MC 


Peter Gray 

PG 


Alan Cowie 

AC 


Sarah Bolderoff 

SB 


Greg Lehey 

GL 

Guest: 

Frank Crawford 

FC 

Apologies: 

David Newall 

DN 


NEW COMMITTEE 

Motion to co-opt Greg Lehey and Sarah Bolderoff onto committee. 
They were subsequently thanked for volunteering. 

PRESIDENTS REPORT 

Some procedural changes were discussed, before the President’s report was given. 
There will be 4 meetings this year. All reports must be submitted one week prior to 
the meeting, with an archive of reports kept. 

Procedures will be codified this year - HTML is the most logical way to do this and 
then store it on the AUUG website. 

AUUG2K 

We held a successful conference, although numbers were a little 
disappointing. 

Planning 

The main focus for this meeting is planning for the next year. 
AUUG200f is more than a year off, and while we cannot ignore it 
we will have to focus on other activities. In particular, we need to 
increase our membership, and we need to codify our procedures 
and get our corporate memory in order. 

SECRETARY’S REPORT 

Current membership statistics (as at 2000/08/03). 

* 664 members: 


Individual Member 

432 

65% 

Corporate Member 

187 

28% 

Student Member 

21 

3% 

Freebies 

17 

3% 

Subscription 

5 


Life Member 

2 


NSW 

194 

29% 

VIC 

151 

22% 

ACT 

116 

17% 

QLD 

91 

14% 

WA 

44 

7% 

SA 

25 

4% 

OTHER 

19 

3% 

TAS 

17 

3% 

NT 

7 

1% 


Correspondance of note. 

Following an email complaining bitterly of our association with the 
ORBS anti spam service, discussion ensued on the exec list with 
divided opinion regarding the nature and merit of the ORBS ser¬ 
vice. MP’s suggestion would be to use MAPs - in accordance to a 
response from Jeremy Bishop. 

WA Society for Computers and the Law, would like to form an alli¬ 
ance with AUUG. 

Directory of Australian Associations requires updated contact de¬ 
tails for AUUG. 


DP requested MP to submit annual reports to the companies regis¬ 
ter in VIC. We need to have our details up to date with them. 

TREASURER’S REPORT 

The Treasurer presented the AUUG Budget for 1 July 2000-30 
June 200f 

AUUG is solvent 

A) Even if our memberships were nil, we are solvent for 
the year 

B) Monies required by 1st July 2001, as we will need 
funds for the AUUG 2001 conference 

Budget shows that we need the conference to happen, as the 
membership alone does not sustain AUUG. 

BUSINESS MANAGER’S REPORT 

The past few weeks, since AUUG2K, had been spent with the gen¬ 
eral post conference clean up of issues, as well as ensuring that all 
the 30 June 2000 membership renewals were mailed out. 

Accounts 

The majority of bills have been received from AUUG2K, just one or 
two small ones left, so most of this is up to date. 

All other accounts are up to date. 

AUUG2K 

Some outstanding payments are yet to come in, with invoices be¬ 
ing mailed to those outstanding 

AUUG 2001 

Venues are currently being sourced. 

AUUGN 

Gunther Feuereisen stepping down as Editor. 

Systems Magazine 

An article has been written for the August edition by Con Zymaris, 
basically a summary of the events at AUUG2K 

MINUTES OF PREVIOUS MEETING 

Last meeting in Canberra was not quorate, therefore notes have 
been produced, as opposed to minutes. 

AUUG2K 

FC stated that given the fact that there was short preparation time, 
and out of time frame, things went well. Some problems with 
speakers pulling out at short notice. Conference and tutorials went 
very well. Negative side was the short preparation time. 

LC stated that FC’s availability at the front desk was excellent, as 
any problems were rectified almost immediately. In this respect, 
the Programme Chair should probably have an assistant. 

PG stated that looking at the Evaluation Results, that Security is 
still a very popular topic, and should always be included. 

Comment was made that there was a tutorial that finished in about half the time that 
it should have. At future events, we need to look at using known presenters to try 
and ensure this does not happen. An idea would be to use a questionnaire on ap¬ 
plication, ie how many tutorials have you presented, where etc. PG will produce a 
Guide for Tutors. 

Sunday was a good idea and worked well, with no complaints. 

Venue - DP was very pleased with this - the rooms were actually 
designed for presentations. All the correct seating and equipment 
was there. 

Looking at the response to the venue, meeting rooms was good, 
meals and refreshments - not so good. 

Some mixed comments were received in regards to the venue, i.e. 
some delegates stated that it was too far from the accommodation. 

DP moved a vote of thanks to FC. 

EVENTS 
■ AUUG 2001 

Received topics from the AUUG2K Evaluations, may be premature 
to use these right now. 

Most important thing is the date and venue. 

AUUG2001 will be run in Sydney 23-28 September 2001. 

AOSS 
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Date to be held , Saturday 25 November 2000, Adelaide. 

■ Security Symposium 

Idea this year is to present this on Friday 3 November 
2000, followed by the Exec Meeting on Saturday 4 No¬ 
vember. 

' Installfest 

GL stated that this was a very successful event. Their ex¬ 
pectation was 200, but they estimate they had about 500. 

■ Other Events 

Two more events should be held in the beginning half of 
next year. 

Ideas; 

A) Unix Systems Administration 

B) Heterogeneous Networking 

C) High Level Scripting Languages 

D) eCommerce and WebServing 

MEMBERSHIPS AND RENEWALS 

Need to increase our membership numbers so that AUUG is more 
seif-sustaining. It is currentiy sustained by events, wouid iike it 
sustained by membership, so that profit from events can be 
pioughed back into running bigger/better events and increase and 
improve membership benefits. We need to iook at retaining mem¬ 
bers, as weii as recruiting. 

As we increase membership, it increases both income and expen¬ 
diture. We need to iook at our fixed and variabie costs in reiation 
to this. 

Looking at the budget, if we were to doubie our membership fig¬ 
ures it wouid resuit in a very heaithy organisation. 

AUUGN 

Discussed at the iast AUUG Exec get together - suggestion pay¬ 
ment of $200 for appropriateiy refereed articies. 

Motion to pursue this action.Titie for this is the Reviewed Articie 
Track. 

Editor 

Gunther wiii be standing down. 

NEW COMMITTEE 

President: 

DP 

Vice President: 

MC 

Treasurer: 

LC 

Secretary: 

MP 

Generai Committee Members: 

PG 

AC 
DN 
SB 
GL 


David Purdue 
Maicoim Caidweii 
Luigi Cantoni 
Michaei Paddon 
Peter Gray 
Aian Cowie 
David Newaii 
Sarah Boideroff 
Greg Lehey 


EC to confirm the names of the Returning and Assistant Returning Offier. 


OTHER BUSINESS 

John Lions account - monies to be put into a high interest fund. 

Meeting Closed: 5.10pm 

Next Meeting: 4 November 2000 
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Unix Traps and Tricks 

Jerry Vochteloo 
j erry @ vochteloo .org 


Welcome again to Unix Traps and Tricks. Keeping to 
the primer theme (and since I have not had time to do 
anything tricky In a while or received any other sub¬ 
missions), this quarters Installment Is on UNIX 
directory permissions. 

1 know this Is the had end of the year, hut we have a 
new year coming up In which we will all have more 
time :) so If anyone would he willing to write some¬ 
thing on any UNIX related topic that would he great. 
Submissions tojerry@vochteloo.org please. 


Short primer on UNIX directory permissions 

Last time 1 talked about permissions on files In UNIX, 
this time 1 will talk about what those permissions 
mean on directories. 

In UNIX a directory Is a file. The main difference be¬ 
tween files and directories Is that users cannot write 
to directories directly. All operations on directories 
are done by the operating system, some Indirectly; le 
creating a file will add an entry to the directory, delet¬ 
ing a file will remove an entry from the directory; and 
some more directly le mkdlr, and rmdlr. 

To understand how permissions on a directory work 
we have to know what Is In a directory; Simply a file 
which contains a list of directory entries (dlrents). 
Each directory entry contains; 

An Inode number (file Information data structure), 
and the name of the file. 

If we are searching for a file, the operating systems 
will search for the names In the directory, until It 
finds a match. Once a match Is found, the cor¬ 
responding Inode number Is returned and we can 
start operating on the file (Note this Is basically what 
namel does). 

Now to what the permissions mean. First of all we 
will take read permissions. If you have read permis¬ 
sions on a directory you can list the contents of the 
directory, le the names of the files, and you can 
search the directory, le without read permissions you 
could not do an Is on the directory. 

unix> mkdir directory 
unix> touch directory/file 
unix> Is -1 directory 
total 0 

-rw- 1 jerry jerry 0 Nov 22 

09:51 file 

unix> chmod a-r directory/ 
unix> Is -Id directory 

d-wx- 2 jerry jerry 4096 Nov 22 

09:51 directory 
unix> Is directory 

/bin/ls: directory: Permission denied 


Write permissions on a directory allow you to modify 
directory entries (through the operating system of 
course). This allows you to delete files, create files 
and rename files. This means that even If you have 
write permissions on the file Itself, you cannot delete 
It from the directory If you do not have write permis¬ 
sions on the directory (Note that you can set the 
length of the file to zero, effectively deleting the con¬ 
tents of the file, but you cannot remove the file Itself) 


unix> chmod u-w directory/ 
unix> Is -Id directory/ 

dr-x- 2 jerry jerry 4096 Nov 22 

09:56 directory/ 
unix> Is -1 directory/ 
total 0 

-rw- 1 jerry jerry 0 Nov 22 

09:56 file 

unix> rm directory/file 

rm: cannot unlink 'directory/file': Permission 
denied 

Finally, the hardest permission to understand (and to 
explain) Is the execute permission on a directory. 1 
basically think of It as permission to access the In¬ 
odes that are pointed to by dlrents. This means that. 
If the execute bit Is not set, no matter what permis¬ 
sions you have on the files themselves, you cannot 
operate on the files. Further, without the execute per¬ 
missions on a directory you cannot do an Is -1, as this 
would need to get the Information from the Inode. 

unix> mkdir dim 
unix> touch dirn/filel 
unix> touch dirn/file2 
unix> Is -1 dim 


total 0 

-rw- 1 jerry jerry 0 Nov 27 

10:58 filel 

-rw- 1 jerry jerry 0 Nov 27 

10:58 file2 


unix> chmod a-x dim 
unix> Is -1 dim 

/bin/ls: dirn/filel: Permission denied 

/bin/ls: dirn/file2: Permission denied 

total 0 

unix> Is dim 

filel file2 

unix> cat dirn/filel 

cat: dirn/filel: Permission denied 


Tricks 

As well as the three permissions read, write and ex¬ 
ecute, there are a couple of other permission bits that 
can be set on a directory; these are the set group Id 
(set gld) and the sticky bit. 


First of all, the set gld bit. Indicates that all files that 
are created In that directory get the same group as 
the directory, not the group of the user. This Is useful 
If you have sets of group work projects. 


unix> mkdir tmp 
unix> Is -Id tmp 

drwx- 2 jerry jerry 4096 Nov 27 

09:00 tmp 

unix> chgrp src tmp 
unix> Is -Id tmp 

drwx- 2 jerry src 4096 Nov 27 

09:00 tmp 
unix> id 

uid=666(jerry) gid=666(jerry) 

unix> groups jerry 
jerry : jerry src 
unix> touch tmp/filel 
unix> Is -1 tmp/filel 
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-rw- 1 jerry jerry 

09:01 tmp/filel 
unix> chmod g+s tmp 
unix> Is -Id tmp 

drwx—S- 2 jerry src 

09:01 tmp 

unix> touch tmp/file2 
unix> Is -1 tmp 
total 0 

-rw- 1 jerry jerry 

09:01 filel 

-rw- 1 jerry src 

09:01 file2 


0 Nov 27 


4096 Nov 27 


I hope that this has given some Insight to UNIX direc¬ 
tory permissions, 

’till next time. 


0 Nov 27 
0 Nov 27 


From the above you can see that once we set the set 
gld hit on the directory, the file that we create In that 
directory has the same group as the directory, not as 
the user that created the file. 

The second extra hit on a directory Is the sticky hit. 
This Is useful In world writable directories that lots of 
people are supposed to use (such as /tmp or 
/var/tmp). Normally If a directory Is world writeable 
(and executable) any user can remove any files from 
that directory. With the sticky bit set; only the owner 
of the directory, the owner of the file, anyone with 
write permission on the file (and of course root), can 
delete the file. Hence users can create files In this di¬ 
rectory, without other being able to remove those 
files. 


unix> mkdir test2 
unix> chmod +t test2 
unix> Is -Id test2 

drwx-T 2 jerry jerry 4096 Nov 27 

16:17 test! 

unix> chmod a+rwx test! 
unix> Is -Id test! 

drwxrwxrwt 2 jerry jerry 4096 Nov 27 

16:17 test! 

Finally, the applied tricks section: There Is a hack 
that we can use give us a little (very little) security 
when we are sharing files. If we set permissions on a 
directory to rwx--x--x, we deny others the ability to 
list the directory (with Is or anything else), so there Is 
no way that other users can find out the names of the 
files In that directory. With the x bit set, however. If 
people know the name of the file they can access It 
(much like a password). This gives us rudimentary 
passwords for files. For example: 


unix> mkdir AUUGN 
unix> chmod 711 AUUGN 
unix> Is -Id AUUGN/ 

drwx—X—X 2 jerry jerry 4096 Aug 9 

16:14 AUUGN/ 

unix> echo "hello" > AUUGN/adlkfjasdlfkjasdlf 
unix> chmod 644 AUUGN/adlkfjasdlfkjasdlf 
unix> Is -1 AUUGN 
total 0 

-rw-r—r— 1 jerry jerry 6 Aug 9 

16:14 AUUGN/adlkfjasdlfkjasdlf 

unix> su otheruser 
unix$ Is AUUGN 

Is: AUUGN: Permission denied 
unix$ cat AUUGN/adlkfjasdlfkjasdlf 
hello 

This shows that only those people who know that the 
file Is called adlk^asdlfkjasdlf can actually show the 
contents of the file. The only problems with this Is 1) 
root can see all the files and 2) filenames can often be 
found from process Information le ps or even worse 
/proc If the file Is mapped Into the address space of a 
process. 
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AUUG Chapter Meetings 
and Contact Details 


CITY 

LOCATION 

OTHER 

BRISBANE 

Inn on the Park 

507 Coronation Drive 

Toowong 

For further information, contact the QAUUG Ex¬ 
ecutive Committee via email (qauug— 

exec@auug.org.au). The techno-loglcally deprived 
can contact Rick Stevenson on (07) 5578-8933. 



To suhscrlhe to the QAUUG announcements mail¬ 
ing list, please send an e-mail message to; 

<majordomo@auug.org.au> containing the mes¬ 
sage "suhsciihe qauug <e-mall address>" in the e- 
mall hody. 

CANBERRA 

Australian National University 


HOBART 

University of Tasmania 


MELBOURNE 

Various. For updated information 
See; 

http;//www. vlc.auug.org.au/auu- 
gvlc/av_mee tings .html 

The meetings alternate between Technical presen¬ 
tations in the odd numbered months and purely 
social occasions in the even numbered months. 
Some attempt is made to fit other AUUG activities 
into the schedule with minimum disruption. 

PERTH 

The Victoria League 

276 Onslow Road 

Shenton Park 

Meeting commences at 6.15pm 

SYDNEY 

TEA 



For up-to-date details on meetings, including those in all other Australian cities, please check the 
AUUG website at http://www.auug.org.au or call the AUUG office on 1-800-625655. 
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Call for Papers 


AUUG 2001 

Theme: "Always On and Everywhere" 


The AUUG Annual Conference will be held in Sydney, Aus¬ 
tralia, 26, 27 and 28 September 2001. 

The Conference will be preceded by three days of tutorials, 
to be held on 23, 24 and 25 September 2001. 

The Programme Committee invites proposals for papers 
and tutorials relating to: 

• Security in the Enterprise 

• Applications made possible by Open Source 

• Technical aspects of Computing. 

• Networking in the Enterprise. 

• Business Experience and Case Studies 

• Open Source projects 

• Business cases for Open Source 

• Technical aspects of Unix, Linux, and BSD vari¬ 
ants 

• Open Systems or other operating systems 

• Computer Security 

• Performance Management and Measurement 

• Networking, Internet (including the World Wide 
Web) 

Presentations may be given as tutorials, technical papers, 
or management studies. Technical papers are designed for 
those who need in-depth knowledge, whereas manage¬ 
ment studies present case studies of real-life experiences 
in the conference’s fields of interest. 

A written paper, for inclusion in the conference proceedings 
must accompany all presentations. 

Speakers may select one of two presentation formats: 

Technical presentation: 

• A 25-minute talk, with 5 minutes for questions. 

Management presentation: 

• A 20-25 minute talk, with 5-10 minutes for 
questions (i.e. a total 30 minutes). 

Panel sessions will also be timetabled in the conference 
and speakers should indicate their willingness to partici¬ 
pate, and may like to suggest panel topics. 

Tutorials, which may be of either a technical or manage¬ 
ment orientation, provide a more thorough presentation, of 
either a half-day or full-day duration. 

Representing the largest Technical Computing event held 
in Australia, this conference offers an unparalleled op¬ 
portunity to present your ideas and experiences to an audi¬ 
ence with a major influence on the direction of Computing 
in Australia. 


Submission Guidelines: 

Those proposing to submit papers should submit an ex¬ 
tended abstract (1-3 pages) and a brief biography, and 
clearly indicate their preferred presentation format. 

Those submitting tutorial proposals should submit an out¬ 
line of the tutorial and a brief biography, and clearly indi¬ 
cate whether the tutorial is of half-day or full-day duration. 

Speaker Incentives 

Presenters of papers are afforded complimentary confer¬ 
ence registration. 

Tutorial presenters may select 25% of the profit of their 
session OR complimentary conference registration. Past 
experience suggests that a successful tutorial session of 
either duration can generate a reasonable return to the pre¬ 
senter. 

Please note that with the GST changes to tax legislation we 
will be requiring the presentation of a tax invoice (which we 
will assist in producing) containing an ABN for your pay¬ 
ment. If that is not provided then tax will have to be with¬ 
held from your payment. 

Important Dates 

Abstracts/Proposals Due -13 July 2001 
Authors notified - 27 July 2001 

Final copy due - 24 August 2001 

Tutorials - 23-25 September 2001 

Conference - 26-28 September 2001 

Proposals should be sent to: 

AUUG Inc. 

PO Box 366 
Kensington NSW 2033 
AUSTRALIA 

Email: auug2001prog@auug.org.au 

Phone: 1800 625 655 or -i-61 2 8824 9511 
Fax: -t61 2 8824 9522 
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